XSS Vulnerability in Hanwha Techwin Products
CVE-2025-8075

5.8MEDIUM

Key Information:

Vendor: Hanwha Vision Co., Ltd.
Status: Qnv-c8012
Vendor: CVE Published:; 26 December 2025

🔔 Create Hanwha Vision Co., Ltd. Vulnerability Alert

What is CVE-2025-8075?

A security oversight regarding inadequate validation of incoming XML format request messages has been identified in Hanwha Techwin products. This vulnerability could enable an attacker to execute cross-site scripting (XSS) attacks, potentially compromising user sessions and data integrity. Users are urged to apply the patch firmware released by the manufacturer and consult the official report for detailed remediation strategies.

Affected Version(s)

QNV-C8012 Prior to version 2.22.05

References

https://www.hanwhavision.com/wp-content/uploads/2025/12/C...

CVSS V4

Score:

5.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 26, 2025
Vulnerability Reserved
Jul 23, 2025

JSON