Cube
Monthly
Unauthorized camera feed access affects Brickcom Cube, Dome, Bullet, and Box IP camera product lines due to factory-shipped default credentials (CWE-1392). Any attacker reaching the camera's management interface can authenticate using the known default account and silently view live video, with no public exploit identified at time of analysis though the trivial nature of the issue means weaponization requires no specialized tooling. CISA ICS-CERT issued advisory ICSA-26-162-03 covering the issue.
Unauthenticated snapshot disclosure in Brickcom Cube, Dome, Bullet, and Box IP cameras lets anyone reachable on the camera's /ONVIF endpoint retrieve still images from the live video feed without credentials. The flaw, reported through CISA ICS-CERT (ICSA-26-162-03) and tagged as an authentication bypass, is a classic CWE-306 missing-authentication issue affecting devices typically deployed in physical-security and OT environments. No public exploit identified at time of analysis, but exploitation is trivial once the endpoint is reachable.
Unauthorized camera feed access affects Brickcom Cube, Dome, Bullet, and Box IP camera product lines due to factory-shipped default credentials (CWE-1392). Any attacker reaching the camera's management interface can authenticate using the known default account and silently view live video, with no public exploit identified at time of analysis though the trivial nature of the issue means weaponization requires no specialized tooling. CISA ICS-CERT issued advisory ICSA-26-162-03 covering the issue.
Unauthenticated snapshot disclosure in Brickcom Cube, Dome, Bullet, and Box IP cameras lets anyone reachable on the camera's /ONVIF endpoint retrieve still images from the live video feed without credentials. The flaw, reported through CISA ICS-CERT (ICSA-26-162-03) and tagged as an authentication bypass, is a classic CWE-306 missing-authentication issue affecting devices typically deployed in physical-security and OT environments. No public exploit identified at time of analysis, but exploitation is trivial once the endpoint is reachable.