CVE-2025-0358 Information

Description

During an annual penetration test conducted on behalf of Axis Communication Truesec discovered a flaw in the VAPIX Device Configuration framework that allowed a privilege escalation enabling a lower-privileged user to gain administrator privileges.

Reference

https://www.axis.com/dam/public/35/90/85/cve-2025-0358pdf-en-US-483809.pdf