Hangzhou Xiongmai Technology Co., Ltd XM530 IP Camera
Summary
Hangzhou Xiongmai Technology Co., Ltd's XM530 IP Camera, specifically firmware version V5.00.R02.000807D8.10010.346624.S.ONVIF_21.06, is affected by CVE-2025-65856. This vulnerability allows unauthenticated remote attackers to bypass authentication and access sensitive device information and live video streams.
IFF Assessment
The vulnerability allows for unauthorized access to sensitive information and live video streams, posing a significant risk to user privacy and network security.
Severity
The CVSS score of 9.8 indicates a critical severity, reflecting the 'Missing Authentication for Critical Function' vulnerability that allows remote attackers to gain unauthorized access to sensitive data and live video streams.
Defender Context
This critical vulnerability in widely deployed IP cameras highlights the ongoing risk of unsecured IoT devices providing entry points for attackers. Defenders should prioritize identifying and securing such devices on their networks and consider network segmentation to limit the impact of potential compromises.