Details of VAR-202506-2381

ID

VAR-202506-2381

TITLE

ACTIACTI video surveillance has an arbitrary file read vulnerability

Trust: 0.6

sources: CNVD: CNVD-2025-13675

DESCRIPTION

ACTi provides a full range of surveillance products - IP cameras, video management systems, video wall systems, mobile applications, IoT devices and access control systems. ACTIACTI video surveillance has an arbitrary file read vulnerability that can be exploited by attackers to obtain sensitive information.

Trust: 0.6

sources: CNVD: CNVD-2025-13675

IOT TAXONOMY

category:

['IoT']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-13675

AFFECTED PRODUCTS

vendor:

acti

model:

video surveillance

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2025-13675

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2025-13675
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2025-13675
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2025-13675

EXTERNAL IDS

db:

CNVD

id:

CNVD-2025-13675

Trust: 0.6

sources: CNVD: CNVD-2025-13675

SOURCES

db:

CNVD

id:

CNVD-2025-13675

LAST UPDATE DATE

2025-06-27T19:33:56.008000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2025-13675

date:

2025-06-26T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2025-13675

date:

2025-06-21T00:00:00