File Deletion Vulnerability in Axis Security Cameras
CVE-2025-0926

5.9MEDIUM

Key Information:

Vendor: Axis Communications Ab
Status: Axis Camera Station Pro
Vendor: CVE Published:; 23 April 2025

What is CVE-2025-0926?

A vulnerability discovered by a member of the AXIS Camera Station Pro Bug Bounty Program allows non-admin users to trigger the deletion of system files while recording video, potentially causing the camera to enter a boot loop state. Axis Communications has acknowledged this issue and released a patched version to address the vulnerability. For detailed information and mitigation strategies, please refer to the official Axis security advisory.

Affected Version(s)

AXIS Camera Station Pro 6 < 6.8

References

https://www.axis.com/dam/public/9d/fe/3f/cve-2025-0926pdf...

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Apr 23, 2025
Vulnerability Reserved
Jan 31, 2025

Axis Communications Ab

What is CVE-2025-0926?

Affected Version(s)

References

CVSS V3.1

Timeline