Skip to main content

Camera Station Pro EUVDEUVD-2025-21110

| CVE-2025-30025 HIGH
Deserialization of Untrusted Data (CWE-502)
2025-07-11 product-security@axis.com
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

6
Analysis Updated
Apr 16, 2026 - 06:27 EUVD-patch-fix
executive_summary
Re-analysis Queued
Apr 16, 2026 - 05:29 backfill_euvd_patch
patch_released
Patch available
Apr 16, 2026 - 05:29 EUVD
5.32,6.8,6
EUVD ID Assigned
Mar 16, 2026 - 08:17 euvd
EUVD-2025-21110
Analysis Generated
Mar 16, 2026 - 08:17 vuln.today
CVE Published
Jul 11, 2025 - 06:15 nvd
HIGH 7.8

DescriptionCVE.org

The communication protocol used between the server process and the service control had a flaw that could lead to a local privilege escalation.

AnalysisAI

CVE-2025-30025 is a local privilege escalation vulnerability in the inter-process communication (IPC) protocol between a server process and its service control mechanism, caused by insecure deserialization (CWE-502). An authenticated local attacker with limited privileges can exploit this flaw to escalate to higher privileges, potentially gaining complete system compromise including confidentiality, integrity, and availability impact. While the CVSS score of 7.8 indicates high severity, the local attack vector and requirement for prior authentication mean this affects primarily multi-user systems or scenarios where an attacker has already gained initial local access.

Technical ContextAI

The vulnerability exists in the service control communication protocol (likely using serialized object deserialization) that facilitates IPC between privileged server processes and service management components. CWE-502 (Deserialization of Untrusted Data) indicates the root cause: the protocol deserializes data without proper validation, allowing an attacker to craft malicious serialized payloads that execute arbitrary code with elevated privileges. This is a classic IPC privilege escalation pattern where trust boundaries between service components are broken. The protocol likely uses binary serialization frameworks (such as .NET remoting, Java serialization, or similar) that deserialize untrusted data from local sockets or named pipes without sufficient integrity checks or privilege validation.

RemediationAI

Immediate actions: (1) Check vendor security advisories for CVE-2025-30025 patches and apply immediately to all affected systems, (2) Restrict local user access on affected systems—disable unnecessary user accounts and apply principle of least privilege, (3) Monitor IPC traffic for suspicious serialized payloads or service control anomalies. Workarounds pending patch availability: (1) restrict access to service control sockets/pipes via filesystem ACLs, (2) isolate multi-user systems to trusted users only, (3) implement application whitelisting for service processes, (4) use mandatory access controls (SELinux/AppArmor) to restrict service process capabilities. Once patches are available from vendors, apply in order of system criticality and test in non-production environments first.

CVE-2025-30026 CRITICAL
9.8 Jul 11

CVE-2025-30026 is a critical authentication bypass vulnerability in AXIS Camera Station Server that allows unauthenticat

CVE-2025-30023 CRITICAL
9.0 Jul 11

CVE-2025-30023 is a critical remote code execution vulnerability in a client-server communication protocol that allows a

CVE-2025-11547 HIGH
7.8 Feb 10

AXIS Camera Station Pro contained a flaw to perform a privilege escalation attack on the server as a non-admin user. [CV

CVE-2025-1056 MEDIUM
6.1 Apr 23

Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has identified an issue with a specific file that the

CVE-2025-0926 MEDIUM
5.9 Apr 23

Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible for a non-admin user to

CVE-2025-12063 MEDIUM
5.7 Feb 10

An insecure direct object reference allowed a non-admin user to modify or remove certain data objects without having the

CVE-2025-12757 MEDIUM
4.6 Feb 10

An AXIS Camera Station Pro feature can be exploited in a way that allows a non-admin user to view information they are n

CVE-2025-13064 MEDIUM
4.5 Feb 10

A server-side injection was possible for a malicious admin to manipulate the application to include a malicious script w

CVE-2025-7622 MEDIUM
5.1 Aug 12

During an internal security assessment, a Server-Side Request Forgery (SSRF) vulnerability that allowed an authenticated

CVE-2024-7696 MEDIUM
6.3 Jan 07

Seth Fogie, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible for an authenticated mal

Share

EUVD-2025-21110 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy