Man-in-the-Middle Vulnerability in Axis Communication Protocol
CVE-2025-30024

6.8MEDIUM

Key Information:

Vendor: Axis Communications Ab
Status: Axis Device Manager
Vendor: CVE Published:; 11 July 2025

🔔 Create Axis Communications Ab Vulnerability Alert

What is CVE-2025-30024?

A security flaw exists within the communication protocol utilized by Axis products, enabling potential attackers to execute man-in-the-middle attacks. This vulnerability allows for the interception and alteration of communications between clients and servers, posing significant risks to data integrity and confidentiality. Without proper safeguards, unauthorized parties may exploit this weakness to gain access to sensitive information, necessitating immediate attention and remediation.

Affected Version(s)

AXIS Device Manager <5.32

References

https://www.axis.com/dam/public/01/d9/24/cve-2025-30024pd...

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 11, 2025
Vulnerability Reserved
Mar 14, 2025

Credit

Noam Moshe of Claroty Team82