Input Validation Flaw in MOBOTIX P3 and Mx6 Cameras
CVE-2023-34873

8.7HIGH

Key Information:

Vendor: Mobotix
Status: P3; Mx6
Vendor: CVE Published:; 23 May 2025

What is CVE-2023-34873?

An input validation vulnerability exists in MOBOTIX P3 cameras prior to version MX-V4.7.2.18 and Mx6 cameras prior to version MX-V5.2.0.61, where the tcpdump feature fails to adequately validate user input. This oversight allows authenticated users to potentially execute arbitrary code, posing a significant security risk to the integrity of the camera systems and the networks they operate on. For more information, refer to the official advisory from MOBOTIX and CISA.

Affected Version(s)

Mx6 0

P3 0

References

https://www.mobotix.com/en/node/13391

https://www.cisa.gov/news-events/ics-advisories/icsa-24-2...

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 23, 2025
Vulnerability Reserved
Jun 7, 2023

Mobotix

What is CVE-2023-34873?

Affected Version(s)

References

CVSS V4

Timeline