Unauthenticated Access Vulnerability in Open Network Video Interface Forum Services by iCAM365
CVE-2025-64770

7HIGH

Key Information:

Vendor: Icam365
Status: P201; Qc021
Vendor: CVE Published:; 20 November 2025

What is CVE-2025-64770?

The vulnerability allows attackers to gain unauthorized access to camera configuration details through Open Network Video Interface Forum (ONVIF) services. This exposure can lead to significant privacy concerns and potential misuse of security camera systems.

Affected Version(s)

P201 0 <= 43.4.0.0

QC021 0 <= 43.4.0.0

References

https://www.cisa.gov/news-events/ics-advisories/icsa-25-3...

https://icam365.net/en/aboutUs/

https://github.com/cisagov/CSAF/blob/develop/csaf_files/O...

CVSS V4

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 20, 2025
Vulnerability Reserved
Nov 11, 2025

Credit

Truong Nguyen Long

JSON