CVE-2025-0358 – Axis VAPIX Device Configuration Privilege Escalation Vulnerability

June 2, 2025

CVE ID : CVE-2025-0358

Published : June 2, 2025, 8:15 a.m. | 3 hours, 7 minutes ago

Description : During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the VAPIX Device Configuration framework that allowed a privilege escalation, enabling a lower-privileged user to gain administrator privileges.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-0325 – Axis Guard Tour VAPIX API Parameter Injection Vulnerability

Next Article CVE-2025-0324 – VAPIX Device Configuration Privilege Escalation

Top 10 Use Cases of Vibe Coding in Large-Scale Node.js Applications

Cloudsmith launches ML Model Registry to provide a single source of truth for AI models and datasets

Kong Acquires OpenMeter to Unlock AI and API Monetization for the Agentic Era

Microsoft Graph CLI to be retired

‘Cronos: The New Dawn’ was by far my favorite experience at Gamescom 2025 — Bloober might have cooked an Xbox / PC horror masterpiece

ASUS built a desktop gaming PC around a mobile CPU — it’s an interesting, if flawed, idea

Hollow Knight: Silksong arrives on Xbox Game Pass this week — and Xbox’s September 1–7 lineup also packs in the horror. Here’s every new game.

The Xbox remaster that brought Gears to PlayStation just passed a huge milestone — “ending the console war” and proving the series still has serious pulling power

Magento (Adobe Commerce) or Optimizely Configured Commerce: Which One to Choose

Magento (Adobe Commerce) or Optimizely Configured Commerce: Which One to Choose

Updates from N|Solid Runtime: The Best Open-Source Node.js RT Just Got Better

Scale Your Business with AI-Powered Solutions Built for Singapore’s Digital Economy

‘Cronos: The New Dawn’ was by far my favorite experience at Gamescom 2025 — Bloober might have cooked an Xbox / PC horror masterpiece

‘Cronos: The New Dawn’ was by far my favorite experience at Gamescom 2025 — Bloober might have cooked an Xbox / PC horror masterpiece

ASUS built a desktop gaming PC around a mobile CPU — it’s an interesting, if flawed, idea

Hollow Knight: Silksong arrives on Xbox Game Pass this week — and Xbox’s September 1–7 lineup also packs in the horror. Here’s every new game.

CVE-2025-0358 – Axis VAPIX Device Configuration Privilege Escalation Vulnerability

CISA Adds TP-Link and WhatsApp Flaws to KEV Catalog Amid Active Exploitation

Pennsylvania Attorney General’s Office Recovers from Ransomware Attack

Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach

Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction

See-Through Parallel Universes with Your Mind’s Eye – The Course Guidebook: Chapter 10

SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version

Meet WrenAI: The Open-Source AI Business Intelligence Agent for Natural Language Data Analytics

CVE-2025-5208 – SourceCodester Online Hospital Management System SQL Injection Vulnerability

8BitDo and some of its killer retro-themed PC accessories are the latest to suffer from the U.S. tariff situation

CVE-2025-45864 – TOTOLINK A3002R Buffer Overflow Vulnerability

CVE-2025-0358 – Axis VAPIX Device Configuration Privilege Escalation Vulnerability

Related Posts