Default Credential Vulnerability in PTZOptics ValueHD-based Cameras
CVE-2025-35452

9.2CRITICAL

Key Information:

Vendor: Ptzoptics
Status: Pt12x-se-xx-g3; Pt12x-link-4k-xx; Pt20x-se-xx-g3; Pt20x-link-4k-xx
Vendor: CVE Published:; 5 September 2025

What is CVE-2025-35452?

PTZOptics' ValueHD-based pan-tilt-zoom cameras are vulnerable due to the use of default, shared credentials for their administrative web interface, which can be exploited to gain unauthorized access. This security flaw could allow malicious actors to control the cameras, compromising the integrity of the visual surveillance and raising serious security concerns. It is essential for users to change default credentials and implement robust security practices to mitigate the risk of unauthorized access.

Affected Version(s)

12x Fixed Camera/NDI Fixed Camera 0 < 7.2.85

20x Fixed Camera/NDI Fixed Camera 0 < 7.2.94

EPTZ Fixed Camera/NDI Fixed Camera 0 < 8.1.89

References

https://www.cisa.gov/news-events/ics-advisories/icsa-25-1...

https://github.com/cisagov/CSAF/blob/develop/csaf_files/O...

https://www.cve.org/CVERecord?id=CVE-2025-35452

CVSS V4

Score:

9.2

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 5, 2025
Vulnerability Reserved
Apr 15, 2025

Ptzoptics

What is CVE-2025-35452?

Affected Version(s)

References

CVSS V4

Timeline