CVE-2025-35452 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9.8 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cisa-cg	CNA	9.8 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 25%

Vendor	Product	Version
ptzoptics	pt12x-sdi-xx-g2_firmware	-
ptzoptics	pt12x-ndi-xx_firmware	-
ptzoptics	pt12x-usb-xx-g2_firmware	-
ptzoptics	pt20x-sdi-xx-g2_firmware	-
ptzoptics	t20x-ndi-xx_firmware	-
ptzoptics	pt20x-usb-xx-g2_firmware	-
ptzoptics	pt30x-sdi-xx-g2_firmware	-
ptzoptics	pt30x-ndi-xx_firmware	-
ptzoptics	pt12x-zcam_firmware	-
ptzoptics	pt20x-zcam_firmware	-
ptzoptics	ptvl-zcam_firmware	-
ptzoptics	pteptz-zcam-g2_firmware	-
ptzoptics	pteptz-ndi-zcam-g2	-
ptzoptics	pt12x-4k-xx-g3_firmware	𝑥 ≤ 0.0.58
ptzoptics	pt20x-4k-xx-g3_firmware	𝑥 ≤ 0.0.85
ptzoptics	pt30x-4k-xx-g3_firmware	𝑥 ≤ 2.0.64
ptzoptics	pt12x-link-4k-xx_firmware	𝑥 ≤ 0.0.63
ptzoptics	pt20x-link-4k-xx_firmware	𝑥 ≤ 0.0.89
ptzoptics	pt30x-link-4k-xx_firmware	𝑥 ≤ 2.0.71
ptzoptics	pt12x-se-xx-g3_firmware	𝑥 ≤ 9.1.43
ptzoptics	pt20x-se-xx-g3_firmware	𝑥 ≤ 9.1.32
ptzoptics	pt30x-se-xx-g3_firmware	𝑥 ≤ 9.1.33
ptzoptics	pt-studiopro_firmware	𝑥 ≤ 9.0.41
ptzoptics	vl_fixed_camera_firmware	𝑥 ≤ 7.2.94
ptzoptics	ndi_fixed_camera_firmware	𝑥 ≤ 7.2.94
multicam-systems	mcamii_ptz_firmware	*
smtav	ba30s_firmware	*
smtav	ba20s_firmware	*
smtav	bv20s_firmware	*
smtav	bx30s_firmware	*
smtav	bx20n_firmware	*
smtav	bx20uhd-n_firmware	*
smtav	bx20uhd_firmware	*
smtav	ba30-n_firmware	*
smtav	ba20-n_firmware	*
smtav	ba12-n_firmware	*
smtav	hd17h-n_firmware	*
smtav	bx20s-sh_firmware	*
smtav	hd17h_firmware	*
smtav	bv30s_firmware	*
smtav	ba12s_firmware	*
valuehd	vx90_firmware	*
valuehd	vx720l_firmware	*
valuehd	vx752ag_firmware	*
valuehd	vx752a_firmware	*
valuehd	vx751ba_firmware	*
valuehd	vx630al_firmware	*
valuehd	vx61asl_firmware	*
valuehd	vx61basl_firmware	*
valuehd	vx60asl_firmware	*
valuehd	vx61al_firmware	*
valuehd	vx60al_firmware	*
valuehd	vx701ra_firmware	*
valuehd	vx701ta_firmware	*
valuehd	vx800i2_firmware	*
valuehd	v61w_firmware	*
valuehd	v63xl_firmware	*
valuehd	v60xl_firmware	*
valuehd	vx70uvs_firmware	*
valuehd	vx71uvs_firmware	*
valuehd	v71uvs_firmware	*

𝑥

= Vulnerable software versions

Known Exploits!

https://www.labs.greynoise.io/grimoire/2024-10-31-sift-0-day-rce/

Common Weakness Enumeration

CWE-798 - Use of Hard-coded Credentials
The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

References

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-162-10.json

https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-10

https://www.cve.org/CVERecord?id=CVE-2025-35452

https://www.greynoise.io/blog/greynoise-intelligence-discovers-zero-day-vulnerabilities-in-live-streaming-cameras-with-the-help-of-ai

https://www.labs.greynoise.io/grimoire/2024-10-31-sift-0-day-rce/