Primary

Context

iCam365 CCTV Cameras Missing Authentication Vulnerability Allowing Unauthorized Access to ONVIF Services

Vulnerability

A vulnerability exists in iCam365 CCTV camera models P201 and QC021, all versions through 43.4.0.0. This vulnerability allows unauthenticated access to Open Network Video Interface Forum (ONVIF) services, potentially exposing camera configuration information to unauthorized users. Additionally, this vulnerability could lead to unauthorized access to camera video streams.

Impact

Exploitation of this vulnerability could result in unauthorized access to camera video streams and configuration data.

Remediation

iCam365 did not respond to CISA's request for coordination. Contact iCam365 directly for more information.

Added: Nov 20, 2025, 9:17 PM

Updated: Nov 20, 2025, 9:17 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

1.1

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

1.1

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

iCam365 CCTV Cameras Missing Authentication Vulnerability Allowing Unauthorized Access to ONVIF Services

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating