Network Interception Vulnerability in Amazon Cloud Cam by Amazon
CVE-2025-6031

7.7HIGH

Key Information:

Vendor: Amazon
Status: Cloud Cam
Vendor: CVE Published:; 12 June 2025

What is CVE-2025-6031?

The Amazon Cloud Cam, a home security camera now considered end-of-life as of December 2, 2022, poses serious security risks due to its outdated service infrastructure. Upon activation, the device attempts to connect to deprecated remote services. In a default pairing state, users can bypass SSL pinning, enabling unauthorized network access. This vulnerability facilitates network traffic interception and modification, jeopardizing user privacy and security. Users are strongly advised to cease the use of Amazon Cloud Cams immediately.

Affected Version(s)

Cloud Cam 0

References

https://aws.amazon.com/security/security-bulletins/AWS-20...

vendor-advisory

CVSS V4

Score:

7.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 12, 2025
Vulnerability Reserved
Jun 12, 2025