Improper Access Control Vulnerability in SIFUSM/MZZYG BD S1 Dashcam
CVE-2025-6531

4.3MEDIUM

Key Information:

Vendor: SIFUSM/MZZYG
Status: BD S1 Dashcam
Vendor: CVE Published:; 24 June 2025

🔔 Create SIFUSM/MZZYG Vulnerability Alert

What is CVE-2025-6531?

A vulnerability has been identified in the SIFUSM/MZZYG BD S1 dashcam, specifically impacting the RTSP Live Video Stream Endpoint. The flaw allows for unauthorized access due to improper access controls, which can expose live video streams and video recordings. This vulnerability requires an attacker to be on the same local network to exploit it successfully. The exploit has been publicly disclosed, heightening the risk for users of this product, which is sold under various resellers and names.

References

https://github.com/geo-chen/BD

https://github.com/geo-chen/BD?tab=readme-ov-file#finding...

https://vuldb.com/?ctiid.313648

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 24, 2025