CVE-2025-62674 HIGH

CVE-2025-62674: Missing Authentication for RTSP in iCam Cameras

Vendor Icam365
Product P201
Weakness CWE-306 · Missing auth
Published November 20, 2025
Last update November 21, 2025

CVSS base score

7.0/10
Attack vector Adjacent
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N

What the vulnerability does

01Description

The affected product allows unauthenticated access to Real Time Streaming Protocol (RTSP) services, which may allow an attacker unauthorized access to camera configuration information.

Key dates

02Disclosure timeline

November 20, 2025 CVE published
November 21, 2025 Record updated