---
title: "Critical Flaws in Axis Communications Software Enable Remote Attacks"
short_title: "Axis Camera Software Flaws Allow Remote Code Execution"
description: "Axis Communications patches critical vulnerabilities in Camera Station Pro, Camera Station, and Device Manager. Upgrade now to prevent RCE, MitM, and authentication bypass attacks."
author: "Vitus"
date: 2025-01-24
categories: [Cybersecurity, Vulnerabilities]
tags: [axis-communications, cve-2025-30023, rce, authentication-bypass, mitm]
score: 0.85
cve_ids: [CVE-2025-30023, CVE-2025-30024, CVE-2025-30025, CVE-2025-30026]
---

## TL;DR

Axis Communications has patched four vulnerabilities in its AXIS Camera Station Pro, AXIS Camera Station, and AXIS Device Manager software, one of them rated critical (CVE-2025-30023, CVSS 9.0). Exploitation could allow remote code execution (RCE), man-in-the-middle (MitM) interception, local privilege escalation, or authentication bypass. Users should upgrade to the fixed versions (6.9, 5.58, and 5.32, respectively) without delay.

---

## Introduction

Axis Communications, a global supplier of network video products, has addressed four vulnerabilities in its AXIS Camera Station Pro, AXIS Camera Station, and AXIS Device Manager software: one rated critical and three rated medium. Left unpatched, these flaws could let a threat actor execute arbitrary code on the server, intercept communications, escalate privileges on the host, or bypass authentication on the Camera Station server. The affected products are deployed worldwide in the commercial facilities and critical manufacturing sectors, so organizations running them should treat patching as urgent.

---

## Key Points

- Vulnerabilities: Four CVEs (CVE-2025-30023, CVE-2025-30024, CVE-2025-30025, CVE-2025-30026) affect Axis Communications software. CVE-2025-30023 is rated CRITICAL (CVSS 9.0); the other three are rated MEDIUM (CVSS 5.2 to 6.8).
- Exploitation Risks: Successful exploitation could lead to remote code execution (RCE), man-in-the-middle (MitM) attacks, local privilege escalation, or authentication bypass.
- Affected Products: AXIS Camera Station Pro, AXIS Camera Station, and AXIS Device Manager running versions prior to 6.9, 5.58, and 5.32, respectively.
- Mitigation: Axis Communications has released fixed versions. Users must upgrade to them to secure their systems.
- No Active Exploitation Reported: At the time of writing, no public exploitation of these vulnerabilities has been reported.

---

## Technical Details

#### CVE-2025-30023 (CRITICAL - CVSS 9.0)
- Type: Deserialization of Untrusted Data (CWE-502)
- Impact: An authenticated user on the adjacent network (AV:A, PR:L) can achieve remote code execution on the server through a flaw in the client-server communication protocol. No user interaction is required, and the scope change (S:C) means a compromised server can be used to reach beyond itself.
- Affected Products: AXIS Camera Station Pro (<6.9), AXIS Camera Station (<5.58), AXIS Device Manager (<5.32).
- Vector: `CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H`

#### CVE-2025-30024 (MEDIUM - CVSS 6.8)
- Type: Improper Certificate Validation (CWE-295)
- Impact: Enables a network-positioned attacker to carry out a man-in-the-middle (MitM) attack because the communication protocol does not properly validate certificates. Attack complexity is high and user interaction is required (AC:H, UI:R); a successful attack gives full loss of confidentiality and integrity but no availability impact.
- Affected Products: AXIS Device Manager (<5.32).
- Vector: `CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N`

#### CVE-2025-30025 (MEDIUM - CVSS 5.2)
- Type: Deserialization of Untrusted Data (CWE-502)
- Impact: Allows a local, low-privileged user to escalate privileges by exploiting a deserialization flaw in the communication between the server process and the service control. The vector reflects limited integrity and availability impact with a scope change.
- Affected Products: AXIS Camera Station Pro (<6.9), AXIS Camera Station (<5.58), AXIS Device Manager (<5.32).
- Vector: `CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L`

#### CVE-2025-30026 (MEDIUM - CVSS 6.1)
- Type: Authentication Bypass Using an Alternate Path or Channel (CWE-288)
- Impact: Allows an unauthenticated attacker on the adjacent network (AV:A, PR:N, UI:N) to bypass authentication on the AXIS Camera Station Server.
- Affected Products: AXIS Camera Station Pro (<6.9), AXIS Camera Station (<5.58).
- Vector: `CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L`
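Two of the four CVEs share the same weakness class, deserialization of untrusted data in a client-server protocol. The block below is an added, generic illustration of that class in Python; it is not Axis code and says nothing about how the Axis protocol is actually implemented. The `StatusRequest` message, the handler names and the payload are invented for the demonstration. It shows a server that unpickles whatever arrives on the wire (a constructed payload makes it spawn a process), a restricted unpickler that allow-lists the one expected class as a stop-gap, and the preferred fix: a data-only encoding with explicit validation, where nothing in the message can name a class or a callable.

```python
"""Generic CWE-502 illustration: a server handler that unpickles a wire message.

Constructed example, not Axis code; StatusRequest, the handler names and the
payload are all invented for the demonstration.
"""
import io
import json
import pickle
import subprocess
import sys
from dataclasses import dataclass


@dataclass
class StatusRequest:
    """The only message type the server is supposed to accept."""
    device_id: str
    verbose: bool = False


class Gadget:
    """Attacker-controlled object. pickle calls __reduce__ on load, so the
    callable it names runs on the server with the server's privileges.
    A real exploit would point this at os.system or similar; here it spawns
    a Python process so the effect is observable and harmless."""

    def __reduce__(self):
        return (subprocess.check_output,
                ([sys.executable, "-c", "print('code ran')"],))


def build_malicious_message() -> bytes:
    """Constructed payload, as an authenticated client could send it."""
    return pickle.dumps(Gadget())


def build_legitimate_message(device_id: str) -> bytes:
    return pickle.dumps(StatusRequest(device_id))


def handle_message_vulnerable(raw: bytes):
    """Vulnerable server: whatever the pickle names, it instantiates or calls."""
    return pickle.loads(raw)


class RestrictedUnpickler(pickle.Unpickler):
    """Defence in depth when the pickle format cannot be replaced yet:
    refuse every global except the allow-listed message class."""
    ALLOWED = {(StatusRequest.__module__, StatusRequest.__name__)}

    def find_class(self, module, name):
        if (module, name) in self.ALLOWED:
            return StatusRequest
        raise pickle.UnpicklingError(f"blocked global {module}.{name}")


def handle_message_restricted(raw: bytes) -> StatusRequest:
    return RestrictedUnpickler(io.BytesIO(raw)).load()


MAX_MESSAGE_BYTES = 4096


def handle_message_hardened(raw: bytes) -> StatusRequest:
    """Preferred fix: a data-only encoding plus explicit validation.
    Nothing in the message can name a class or a callable."""
    if len(raw) > MAX_MESSAGE_BYTES:
        raise ValueError("message too large")
    try:
        obj = json.loads(raw.decode("utf-8"))
    except ValueError as exc:  # covers UnicodeDecodeError and JSONDecodeError
        raise ValueError("malformed message") from exc
    if not isinstance(obj, dict) or obj.get("type") != "StatusRequest":
        raise ValueError("unexpected message type")
    device_id, verbose = obj.get("device_id"), obj.get("verbose", False)
    if not isinstance(device_id, str) or not device_id.isalnum():
        raise ValueError("invalid device_id")
    if not isinstance(verbose, bool):
        raise ValueError("invalid verbose flag")
    return StatusRequest(device_id=device_id, verbose=verbose)


def rejects(handler, raw: bytes) -> bool:
    """True if the handler refuses the message instead of acting on it."""
    try:
        handler(raw)
    except (ValueError, pickle.UnpicklingError):
        return True
    return False


if __name__ == "__main__":
    evil = build_malicious_message()
    print("vulnerable:", handle_message_vulnerable(evil))  # the spawned process ran
    print("restricted rejects:", rejects(handle_message_restricted, evil))
    print("hardened rejects:", rejects(handle_message_hardened, evil))
    print("hardened accepts:", handle_message_hardened(
        json.dumps({"type": "StatusRequest", "device_id": "cam01"}).encode()))
```

The restricted unpickler is only a stop-gap: it still lets an attacker drive the pickle virtual machine, and any allow-listed class with side effects in `__setstate__` or `__init__` remains reachable. Changing the wire format to plain data and validating every field, as `handle_message_hardened` does, removes the class of bug rather than one instance of it.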

---

## Impact Assessment

The vulnerabilities pose significant risk to organizations that rely on Axis Communications software for surveillance and device management. Remote code execution (CVE-2025-30023) could give an attacker with valid credentials full control of the server, while the certificate validation flaw (CVE-2025-30024) could allow interception and manipulation of AXIS Device Manager traffic. Authentication bypass (CVE-2025-30026) compounds the risk by removing the need for credentials on the Camera Station server, and the local deserialization flaw (CVE-2025-30025) offers a foothold for privilege escalation on an already-accessed host.

Given the global deployment of Axis Communications products, these vulnerabilities could affect critical infrastructure sectors, including commercial facilities and critical manufacturing. Organizations should prioritize patching to prevent potential breaches.

---

## Mitigation Steps

Axis Communications has released the following fixed versions:

- AXIS Camera Station Pro: Upgrade to version 6.9 or later.
- AXIS Camera Station: Upgrade to version 5.58 or later.
- AXIS Device Manager: Upgrade to version 5.32 or later.
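The version thresholds above are easy to misapply at scale because two of them have a two-digit minor component: a string comparison ranks 5.6 above 5.58, so a naive inventory script would mark an affected AXIS Camera Station 5.6 install as patched. The block below is an added example, not an Axis tool: it compares installed versions numerically against the fixed versions and lists the CVEs each affected host carries. The CSV layout and host names are constructed for the demonstration and are not an Axis export format.

```python
"""Inventory check against the fixed versions in the advisory.

Added example; the CSV layout and host names are constructed for the
demonstration and are not an Axis export format.
"""
import csv
import io
import re
from dataclasses import dataclass
from typing import List, Tuple

# Fixed versions per the advisory: anything strictly lower is affected.
FIXED_VERSIONS = {
    "AXIS Camera Station Pro": (6, 9),
    "AXIS Camera Station": (5, 58),
    "AXIS Device Manager": (5, 32),
}

# CVEs listed for each product line in the Technical Details section.
CVES_BY_PRODUCT = {
    "AXIS Camera Station Pro": ("CVE-2025-30023", "CVE-2025-30025", "CVE-2025-30026"),
    "AXIS Camera Station": ("CVE-2025-30023", "CVE-2025-30025", "CVE-2025-30026"),
    "AXIS Device Manager": ("CVE-2025-30023", "CVE-2025-30024", "CVE-2025-30025"),
}

# Constructed sample inventory (hostname, product, installed version).
INVENTORY_CSV = """hostname,product,version
vms-01,AXIS Camera Station Pro,6.8.3
vms-02,AXIS Camera Station Pro,6.9
nvr-03,AXIS Camera Station,5.6
nvr-04,AXIS Camera Station,5.58.1
adm-05,AXIS Device Manager,v5.31
adm-06,AXIS Device Manager,unknown
"""


def parse_version(text: str) -> Tuple[int, ...]:
    """'5.58.1' -> (5, 58, 1). Components compare numerically, so 5.58 is
    newer than 5.6; a plain string comparison gets that wrong."""
    m = re.fullmatch(r"\s*v?(\d+(?:\.\d+)*)\s*", text)
    if not m:
        raise ValueError(f"unparsable version {text!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def is_affected(product: str, version: str) -> bool:
    """True when the installed version is below the fixed version."""
    return parse_version(version) < FIXED_VERSIONS[product]


@dataclass
class Finding:
    host: str
    product: str
    version: str
    status: str            # "affected", "patched" or "unknown"
    fixed_in: str = ""
    cves: Tuple[str, ...] = ()


def audit_inventory(csv_text: str) -> List[Finding]:
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        host, product, version = row["hostname"], row["product"], row["version"]
        if product not in FIXED_VERSIONS:
            findings.append(Finding(host, product, version, "unknown"))
            continue
        fixed_in = ".".join(map(str, FIXED_VERSIONS[product]))
        try:
            affected = is_affected(product, version)
        except ValueError:
            # Unparsable version: flag for manual review rather than assume patched.
            findings.append(Finding(host, product, version, "unknown", fixed_in))
            continue
        findings.append(Finding(
            host, product, version,
            "affected" if affected else "patched",
            fixed_in,
            CVES_BY_PRODUCT[product] if affected else (),
        ))
    return findings


if __name__ == "__main__":
    for f in audit_inventory(INVENTORY_CSV):
        tail = f"fix: >= {f.fixed_in} {', '.join(f.cves)}" if f.status == "affected" else ""
        print(f"{f.host:8} {f.product:25} {f.version:8} {f.status:9} {tail}")
```

Hosts whose version string cannot be parsed are reported as `unknown` rather than silently skipped; in practice those are the installs most likely to be stale, and they deserve a manual check.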

#### Additional Recommendations
1. Minimize Network Exposure: Ensure the Camera Station and Device Manager servers, and the cameras they manage, are not reachable from the internet.
2. Isolate Networks: Place surveillance and device-management networks behind firewalls and separate them from business networks. Three of the four CVEs require adjacent-network or local access, so segmentation directly reduces who can reach the vulnerable services.
3. Secure Remote Access: Where remote access is required, use a Virtual Private Network (VPN) kept at its latest version, and treat VPN credentials as the new perimeter.
4. Monitor for Malicious Activity: Follow established internal procedures to report and track suspicious activity, including unexpected child processes of the server service.

For more details, refer to the CISA advisory and the NVD entries:
- [CISA ICSA-25-352-08: Axis Communications Camera Station Pro, Camera Station, and Device Manager](https://www.cisa.gov/news-events/ics-advisories/icsa-25-352-08)
- [CVE-2025-30023](https://nvd.nist.gov/vuln/detail/CVE-2025-30023)
- [CVE-2025-30024](https://nvd.nist.gov/vuln/detail/CVE-2025-30024)
- [CVE-2025-30025](https://nvd.nist.gov/vuln/detail/CVE-2025-30025)
- [CVE-2025-30026](https://nvd.nist.gov/vuln/detail/CVE-2025-30026)

---

## Conclusion

These vulnerabilities in Axis Communications software underscore the importance of proactive security measures for surveillance and device management systems. Organizations should apply the fixed versions promptly to eliminate the exposure. While no active exploitation has been reported, the critical rating of CVE-2025-30023 and the authentication bypass in CVE-2025-30026 warrant urgent attention to protect critical infrastructure and sensitive data.
