CVE-2025-13658

A vulnerability in Longwatch devices allows unauthenticated HTTP GET requests to execute arbitrary code via an exposed endpoint, due to the absence of code signing and execution controls. Exploitation results in SYSTEM-level privileges...

EUVD-2025-200299

A vulnerability in Longwatch devices allows unauthenticated HTTP GET requests to execute arbitrary code via an exposed endpoint, due to the absence of code signing and execution controls. Exploitation results in SYSTEM-level privileges...

CVE-2025-13658

A vulnerability in Longwatch devices allows unauthenticated HTTP GET requests to execute arbitrary code via an exposed endpoint, due to the absence of code signing and execution controls. Exploitation results in SYSTEM-level privileges...

CVE-2025-13658

CVE-2025-13658 affects Industrial Video & Control Longwatch devices. The root cause is the absence of code signing and execution controls on an exposed endpoint, allowing unauthenticated HTTP GET requests to inject and execute arbitrary code. Exploitation leads to SYSTEM-level privileges and pote...

CVE-2025-13658 Industrial Video & Control Longwatch has a Code Injection vulnerability

A vulnerability in Longwatch devices allows unauthenticated HTTP GET requests to execute arbitrary code via an exposed endpoint, due to the absence of code signing and execution controls. Exploitation results in SYSTEM-level privileges...

CVE-2025-13658 Industrial Video & Control Longwatch has a Code Injection vulnerability

A vulnerability in Longwatch devices allows unauthenticated HTTP GET requests to execute arbitrary code via an exposed endpoint, due to the absence of code signing and execution controls. Exploitation results in SYSTEM-level privileges...

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-336-01 Industrial Video & Control Longwatch ICSA-25-336-02 Iskra iHUB and iHUB Lite ICSMA-25-336-01 Mirio...

Industrial Video & Control Longwatch 代码注入漏洞

Industrial Video & Control Longwatch is an industrial-grade video surveillance and management platform from Industrial Video & Control, Inc. Industrial Video & Control Longwatch suffers from a code injection vulnerability that originates from an unauthenticated HTTP GET request that can execute...

PT-2025-48772

Name of the Vulnerable Software and Affected Versions Longwatch version 6.309 Description A flaw in Longwatch devices permits unauthenticated HTTP GET requests to execute arbitrary code through an exposed endpoint. This is due to the lack of code signing and execution controls, leading to...

Iran-Linked APT34 Invites Victims to LinkedIn for Fresh Malware Infections

A recent phishing campaign by Iran-linked threat actor APT34 made use of a savvy approach: Asking victims to join their social network. According to FireEye, the adversaries masqueraded as a Cambridge University lecturer, including setting up a LinkedIn page, in order to gain victims’ trust. From...