---
title: "Brickcom Camera Vulnerabilities Expose Feeds and Admin Control to Hackers"
short_title: "Brickcom cameras at risk of unauthorized access"
description: "Critical flaws in Brickcom cameras allow unauthenticated access to live feeds and admin control. Learn about the risks, affected models, and mitigation steps."
author: "Vitus"
date: 2024-10-02
categories: [Cybersecurity, Vulnerabilities]
tags: [brickcom, cve-2026-50245, cve-2026-50005, iot security, unauthorized access]
score: 0.78
cve_ids: [CVE-2026-50245, CVE-2026-50005]
---
## TL;DR
Two critical vulnerabilities in Brickcom cameras—CVE-2026-50245 and CVE-2026-50005—allow remote attackers to access live video feeds, retrieve sensitive visual data, and gain administrative control without authentication. Affected models include Cube, Dome, Bullet, and Box cameras running version 3.2.3.5.6. Brickcom has not responded to coordination requests, leaving users to mitigate risks independently.
Main Content
### Introduction
Security researchers have uncovered two high-severity vulnerabilities in Brickcom cameras, a popular choice for surveillance in commercial facilities, healthcare, and critical manufacturing sectors. These flaws enable unauthenticated attackers to access live video feeds, exploit default credentials, and seize administrative control of affected devices. With deployment spanning worldwide, the implications of these vulnerabilities are far-reaching and demand immediate attention.
### Key Points
- Unauthenticated access: Attackers can view live snapshots and camera feeds via the /ONVIF endpoint without any authentication (CVE-2026-50245).
- Default credentials: Affected cameras ship with hardcoded default credentials, allowing silent access to camera feeds (CVE-2026-50005).
- High-severity risks: Successful exploitation could lead to unauthorized data access, privacy violations, and full device compromise.
- No vendor response: Brickcom has not responded to CISA’s coordination requests, leaving users to address the issue independently.
- Affected models: Brickcom Cube, Dome, Bullet, and Box cameras running firmware version 3.2.3.5.6.
Technical Details
#### Vulnerability 1: CVE-2026-50245 – Missing Authentication for Critical Function
- Description: The affected Brickcom cameras allow unauthenticated access to live snapshot images via the /ONVIF endpoint. No authentication is required to retrieve still images from the camera feed, exposing sensitive visual data to attackers.
- CVSS Score (v3.1): 7.7 (High)
- CVSS Score (v4.0): 8.3 (High)
- Vector String (v3.1): CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
- Relevant CWE: CWE-306 – Missing Authentication for Critical Function
#### Vulnerability 2: CVE-2026-50005 – Use of Default Credentials
- Description: The cameras ship with default credentials, enabling unauthenticated remote attackers to access camera feeds silently. This flaw compounds the risk of unauthorized access and administrative control.
- CVSS Score (v3.1): 7.7 (High)
- CVSS Score (v4.0): 8.3 (High)
- Vector String (v3.1): CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
- Relevant CWE: CWE-1392 – Use of Default Credentials
### Affected Systems
The following Brickcom camera models running firmware version 3.2.3.5.6 are affected:
- Brickcom Cube
- Brickcom Dome
- Brickcom Bullet
- Brickcom Box
These devices are widely deployed across commercial facilities, critical manufacturing, financial services, and healthcare sectors, amplifying the potential impact of these vulnerabilities.
### Impact Assessment
The exploitation of these vulnerabilities poses severe risks to organizations and individuals relying on Brickcom cameras for surveillance:
1. Privacy Violations: Unauthorized access to live video feeds can expose sensitive visual data, compromising the privacy of individuals and organizations.
2. Administrative Control: Attackers gaining administrative access can manipulate camera settings, disable security features, or use the device as a pivot point for further attacks.
3. Operational Disruption: Compromised cameras can disrupt surveillance operations, leaving premises vulnerable to physical security breaches.
4. Reputation Damage: Organizations failing to secure their surveillance systems risk reputational harm and legal consequences, particularly in regulated industries like healthcare and finance.
### Mitigation Steps
Given Brickcom’s lack of response to CISA’s coordination efforts, users must take proactive measures to mitigate these risks:
1. Isolate Affected Devices:
- Minimize network exposure for all control system devices, ensuring they are not accessible from the internet.
- Locate control system networks and remote devices behind firewalls and isolate them from business networks.
2. Secure Remote Access:
- When remote access is required, use secure methods such as Virtual Private Networks (VPNs). Ensure VPNs are updated to the latest version and recognize that their security depends on connected devices.
3. Change Default Credentials:
- Immediately update default credentials on all Brickcom cameras. Use strong, unique passwords and enable multi-factor authentication (MFA) where possible.
4. Monitor for Suspicious Activity:
- Implement intrusion detection systems (IDS) to monitor for unauthorized access attempts.
- Regularly review camera logs for signs of compromise.
5. Contact Brickcom Support:
- Users are encouraged to reach out to Brickcom for support via their official case portal.
6. Follow CISA Guidelines:
- Refer to CISA’s recommended practices for control systems security and implement defense-in-depth strategies to enhance cybersecurity posture.
## Conclusion
The discovery of CVE-2026-50245 and CVE-2026-50005 in Brickcom cameras underscores the critical importance of securing IoT devices, particularly those used in sensitive environments. With no official patch or response from Brickcom, organizations must act swiftly to isolate affected devices, update credentials, and implement robust security measures to prevent exploitation.
As IoT security continues to evolve, proactive defense strategies and vendor coordination remain essential to mitigating emerging threats. Stay vigilant, monitor for updates, and prioritize the security of surveillance systems to safeguard against unauthorized access and potential breaches.
## References
[^1]: CISA. "ICSA-26-162-03: Brickcom Cameras". Retrieved 2024-10-02.
[^2]: MITRE. "CWE-306: Missing Authentication for Critical Function". Retrieved 2024-10-02.
[^3]: MITRE. "CWE-1392: Use of Default Credentials". Retrieved 2024-10-02.
[^4]: Brickcom. "Support Case Portal". Retrieved 2024-10-02.