
Brickcom IP Cameras

EUVD-2026-36309 | CVE-2026-50245 | GHSA-p643-w432-6q35
Missing Authentication for Critical Function (CWE-306)
2026-06-11 · icscert
8.3 HIGH (CVSS 4.0 · Vendor: icscert)

Severity by source

Vendor (icscert), PRIMARY: 8.3 HIGH
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

vuln.today AI: 7.5 HIGH

Unauthenticated HTTP GET to a network-reachable /ONVIF endpoint (AV:N, AC:L, PR:N, UI:N) discloses live surveillance imagery (C:H) without affecting integrity or availability.

CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS 4.0: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (icscert).

CVSS Vector (Vendor: icscert)

Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: X

Lifecycle Timeline

Analysis Generated: Jun 11, 2026 - 21:28 (vuln.today)
CVSS changed: Jun 11, 2026 - 21:22 (NVD), 7.7 (HIGH) to 8.3 (HIGH)

Description (CVE.org)

Brickcom cameras allow unauthenticated access to live snapshot images via the /ONVIF endpoint and no authentication is required to retrieve still images from the camera feed.

Analysis (AI)

Unauthenticated snapshot disclosure in Brickcom Cube, Dome, Bullet, and Box IP cameras lets anyone reachable on the camera's /ONVIF endpoint retrieve still images from the live video feed without credentials. The flaw, reported through CISA ICS-CERT (ICSA-26-162-03) and tagged as an authentication bypass, is a classic CWE-306 missing-authentication issue affecting devices typically deployed in physical-security and OT environments. …


Attack Chain (AI, derived)

Hypothetical attack flow derived from CVE metadata

Access: Discover Brickcom camera on network
Delivery: Enumerate /ONVIF snapshot URI
Exploit: Send unauthenticated HTTP GET
Execution: Receive live JPEG snapshot
Impact: Poll repeatedly for surveillance reconnaissance

Vulnerability Assessment (AI)

Exploitation: Exploitation requires only HTTP reachability to the camera's /ONVIF endpoint on an affected Brickcom Cube, Dome, Bullet, or Box model - no credentials, no user interaction, and no special configuration on the camera (the missing authentication is the default behavior of the vulnerable firmware). …

Risk Assessment: The vendor-supplied CVSS 4.0 vector (AV:L/AC:L/PR:N/UI:N, VC:H, SC:H/SI:H) yields 8.3 and emphasizes high confidentiality impact plus a subsequent-system confidentiality and integrity effect - consistent with surveillance footage feeding into broader monitoring/VMS infrastructure. …

Exploit Scenario: An attacker on the same network segment as the camera (or on the internet, if the camera is exposed) sends an unauthenticated HTTP request to the camera's /ONVIF snapshot URI and receives a current JPEG of the camera's field of view, repeating the request to effectively reconstruct a low-frame-rate video feed. In a physical-security context this enables pre-attack reconnaissance of staffing patterns, access points, or sensitive areas; in an OT context it can leak views of control rooms or industrial processes. …

Remediation: No vendor-released patch version is identified in the provided input - review Brickcom's advisory page (https://www.brickcom.com/case/) and CISA ICSA-26-162-03 (https://www.cisa.gov/news-events/ics-advisories/icsa-26-162-03) for the current firmware release covering this issue and upgrade affected Cube/Dome/Bullet/Box units accordingly. …

Recommended Action (AI)

24 hours: Catalog all Brickcom camera deployments by model, document network IP addresses and ONVIF endpoint accessibility, and assess whether cameras are reachable from untrusted networks. …
