Man-in-the-Middle Vulnerability in Axis Communication Protocol
CVE-2025-30024

6.8MEDIUM

Key Information:

Vendor
CVE Published:
11 July 2025

What is CVE-2025-30024?

A security flaw exists within the communication protocol utilized by Axis products, enabling potential attackers to execute man-in-the-middle attacks. This vulnerability allows for the interception and alteration of communications between clients and servers, posing significant risks to data integrity and confidentiality. Without proper safeguards, unauthorized parties may exploit this weakness to gain access to sensitive information, necessitating immediate attention and remediation.

Affected Version(s)

AXIS Device Manager <5.32

References

CVSS V3.1

Score:
6.8
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Noam Moshe of Claroty Team82
.