CVE-2025-0325 MEDIUM

CVE-2025-0325

Vendor Axis Communications Ab
Product AXIS OS
Weakness CWE-1287
Published June 2, 2025
Last update June 2, 2025

CVSS base score

4.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

What the vulnerability does

01Description

A Guard Tour VAPIX API parameter allowed the use of arbitrary values and can be incorrectly called, allowing an attacker to block access to the guard tour configuration page in the web interface of the Axis device.

Key dates

02Disclosure timeline

June 2, 2025 CVE published
June 2, 2025 Record updated