
Brickcom IP Cameras EUVD-2026-36310

CVE-2026-50005 HIGH
Use of Default Credentials (CWE-1392)
2026-06-11 icscert GHSA-4qgh-qg2j-6vjw
8.3
CVSS 4.0 · Vendor: icscert

Severity by source

Vendor (icscert) PRIMARY
8.3 HIGH
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
7.5 HIGH

Default credentials on a network-exposed camera management interface allow unauthenticated remote login (AV:N/PR:N/UI:N) yielding full video confidentiality loss; integrity/availability impact not stated in description.

CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS 4.0: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (icscert).

CVSS Vector (Vendor: icscert)

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: X

Lifecycle Timeline

Analysis Generated: Jun 11, 2026 - 21:28 (vuln.today)
CVSS changed: Jun 11, 2026 - 21:22 (NVD), from 7.7 (HIGH) to 8.3 (HIGH)

Description (CVE.org)

Brickcom cameras ship with default credentials that allow any unauthenticated remote attacker to silently access camera feeds.

Analysis (AI)

Unauthorized camera feed access affects Brickcom Cube, Dome, Bullet, and Box IP camera product lines due to factory-shipped default credentials (CWE-1392). Any attacker reaching the camera's management interface can authenticate using the known default account and silently view live video, with no public exploit identified at time of analysis though the trivial nature of the issue means weaponization requires no specialized tooling. …


Attack Chain (AI, Derived)

Hypothetical attack flow derived from CVE metadata

Access: Scan internet for Brickcom cameras
Delivery: Identify exposed management interface
Exploit: Submit factory default credentials
Execution: Authenticate as administrator
Persist: Access live video and recordings
Impact: Exfiltrate surveillance feed

Vulnerability Assessment (AI)

Exploitation: The attacker must reach the camera's management interface (HTTP/HTTPS web UI, ONVIF, or RTSP service) on a Brickcom Cube, Dome, Bullet, or Box camera where the operator has not changed the factory-shipped default credentials - the description states 'unauthenticated remote' access, which conflicts with the CVSS 4.0 AV:L metric and should be verified against the CISA advisory. …
Risk Assessment: The CVSS 4.0 vector AV:L/AC:L/PR:N/UI:N with VC:H plus subsequent-system SC:H/SI:H yields an 8.3 (High) score, but the AV:L (local) attack vector is internally inconsistent with the description's claim of 'unauthenticated remote attacker' access - typical default-credential flaws in network-exposed cameras warrant AV:N, so defenders should treat the practical attack surface as network-reachable wherever the camera's management interface is exposed. …
Exploit Scenario: An attacker enumerates internet-exposed Brickcom cameras via Shodan or similar device search engines, then submits the well-known factory default username and password to the camera's web or ONVIF interface. Authentication succeeds silently with no lockout or alert, and the attacker streams live RTSP video, downloads recordings, and potentially pivots into the surveillance VLAN; no public PoC is required because the credentials themselves are the exploit.
Remediation: No vendor-released patch identified at time of analysis - the references include a CISA ICS advisory (ICSA-26-162-03) and vendor page but no fixed firmware version in the supplied data, so consult https://www.cisa.gov/news-events/ics-advisories/icsa-26-162-03 and the CSAF JSON at https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-162-03.json for the latest vendor remediation guidance. …

Recommended Action (AI)

Within 24 hours: Change default credentials on all Brickcom cameras to strong unique passwords and restrict management interface access to trusted networks only. …
