This report highlights vulnerabilities in iCam365 P201 and QC021 cameras allowing unauthenticated access to their video streams and configuration data. These issues could lead to unauthorized surveillance and configuration manipulation. #CVE2025-64770 #CVE2025-62674
Keypoints
- The vulnerabilities affect older versions of iCam365 P201 and QC021 cameras.
- Attacks can exploit missing authentication for critical functions via ONVIF and RTSP protocols.
- The CVSS v4 scores for these vulnerabilities are both rated at 7.0.
- CISA recommends network isolation, firewalls, and VPN use to mitigate risks.
- There are no known active exploits targeting these vulnerabilities at this time.
Read More: https://www.cisa.gov/news-events/ics-advisories/icsa-25-324-02