Axis Communications AXIS OS ACAP Framework D-Bus Access Vulnerability

Vulnerability

A vulnerability has been identified in the ACAP Application framework of AXIS OS versions 11.11 prior to 12.1. This flaw allows applications to access restricted D-Bus methods, potentially leading to unauthorized actions within the framework. The vulnerability was discovered during a penetration test by Truesec.

Impact

Exploitation of this vulnerability could allow applications to bypass authorization and access restricted D-Bus methods, potentially leading to unauthorized actions or access within the ACAP Application framework.

Remediation

Axis has released patches for this vulnerability in AXIS OS Active Track 12.2.52 and LTS 2024 11.11.135. For devices not included in these tracks but still under support, patches will be provided according to the planned maintenance and release schedule. Users are advised to update their Axis device software to the latest version available.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 6.8
impact: 1.3
exploitability: 3.5
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.