Axis Communications AXIS Device Manager Man-in-the-Middle Vulnerability

Vulnerability

A vulnerability in the communication protocol between client and server in AXIS Device Manager versions prior to 5.32 allows for a man-in-the-middle attack. This flaw arises from improper certificate validation, which could be exploited to intercept or alter communications between the client and server.

Impact

Exploitation of this vulnerability allows for a man-in-the-middle attack, where an attacker could intercept, modify, or inject communications between the client and server.

Remediation

Users are advised to update AXIS Device Manager to version 5.32, where this vulnerability has been addressed. The latest versions can be found on the Axis vulnerability management portal.

Added: Jul 11, 2025, 6:22 AM
Updated: Jul 11, 2025, 6:22 AM

Vulnerability Rating

Custom Algorithm

spread: 1.4
impact: 1.3
exploitability: 5.6
remediation: 7.7
relevance: 0.2
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.