AI description
CVE-2025-5124 is a vulnerability found in Sony SNC-M1, SNC-M3, SNC-RZ25N, SNC-RZ30N, SNC-DS10, SNC-CS3N and SNC-RX570N network camera models up to firmware version 1.30. It affects an unspecified part of the Administrative Interface component. The vulnerability involves the use of default credentials, which could allow a remote attacker to gain unauthorized access to the affected network cameras. The vendor has stated that they have published a 'Hardening Guide' recommending users change default passwords.
- Description
- A vulnerability classified as critical has been found in Sony SNC-M1, SNC-M3, SNC-RZ25N, SNC-RZ30N, SNC-DS10, SNC-CS3N and SNC-RX570N up to 1.30. This affects an unknown part of the component Administrative Interface. The manipulation leads to use of default credentials. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. It is recommended to change the configuration settings. The vendor was contacted early about this issue. They confirmed the existence but pointed out that they "have published the 'Hardening Guide' on the Web from July 2018 to January 2025 and have thoroughly informed customers of the recommendation to change their initial passwords".
- Source
- cna@vuldb.com
- NVD status
- Awaiting Analysis
- CNA Tags
- disputed
CVSS 4.0
- Type
- Secondary
- Base score
- 9.2
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- CRITICAL
CVSS 3.1
- Type
- Secondary
- Base score
- 8.1
- Impact score
- 5.9
- Exploitability score
- 2.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Secondary
- Base score
- 7.6
- Impact score
- 10
- Exploitability score
- 4.9
- Vector string
- AV:N/AC:H/Au:N/C:C/I:C/A:C
- cna@vuldb.com
- CWE-1392
- Hype score
- Not currently trending
🚨 #CVE-2025-5124: Default Credentials Vulnerability in #Sony Network Cameras https://t.co/rztg0YwRSa Educational Purposes!
@UndercodeUpdate
7 Jun 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-5124 (CVSS:9.2, HIGH) is Awaiting Analysis. A vulnerability classified as critical has been found in Sony SNC-M1, SNC-M3, SNC-RZ25N, SNC-RZ30N, SNC-DS10, SNC-CS3N a..https://t.co/LaAzu3MWad #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
29 May 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
ソニー製のネットワークカメラに危険度の高い脆弱性(CVE-2025-5124) #セキュリティ対策Lab #セキュリティ #Security https://t.co/3NSVWuoavP
@securityLab_jp
28 May 2025
46 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
ソニー製ネットワークカメラSNCシリーズの初期パスワードハードコードの脆弱性CVE-2025-5124が気になったので調査しました。ソニー製ネットワークカメラ自体はグローバルで700台程度稼働していますが、影響を
@nekono_naha
27 May 2025
2977 Impressions
8 Retweets
28 Likes
6 Bookmarks
0 Replies
0 Quotes
【仕様】ソニーの防犯カメラにデフォルト認証情報の脆弱性(CVE-2025-5124)。管理インターフェースからのもの。公式は、2018年7月から2025年1月にかけてWeb上で堅牢化ガイドを公表しており、既に顧客には推奨事項
@__kokumoto
26 May 2025
33 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
[CVE-2025-5124: CRITICAL] Critical vulnerability found in Sony SNC cameras up to 1.30, allowing remote attacks using default credentials. Vendor confirms existence and advises changing settings. #CyberSecurity#cve,CVE-2025-5124,#cybersecurity https://t.co/bevLXZA2vB https://t.co/
@CveFindCom
24 May 2025
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-5124 Critical Default Credentials Vulnerability in Sony SNC Series Network Cameras https://t.co/2TvMNBlCmn
@VulmonFeeds
24 May 2025
66 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes