CVE-2025-8075

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has discovered that validation of incoming XML format request messages is inadequate. This vulnerability could allow an attacker to XSS on the user's browser. The...

CVE-2025-8075

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has discovered that validation of incoming XML format request messages is inadequate. This vulnerability could allow an attacker to XSS on the user's browser. The...

CVE-2025-52600

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has discovered a vulnerability in camera video analytics that Improper input validation. This vulnerability could allow an attacker to execute specific commands on the...

CVE-2025-52599

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has discovered Inadequate of permission management for camera guest account. The manufacturer has released patch firmware for the flaw, please refer to the...

CVE-2025-52600

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has discovered a vulnerability in camera video analytics that Improper input validation. This vulnerability could allow an attacker to execute specific commands on the...

CVE-2025-52598

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has found a flaw that camera's client service does not perform certificate validation. The manufacturer has released patch firmware for the flaw, please refer to the...

CVE-2025-8075 Improper Input Validation

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has discovered that validation of incoming XML format request messages is inadequate. This vulnerability could allow an attacker to XSS on the user's browser. The...

EUVD-2025-205418

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has discovered that validation of incoming XML format request messages is inadequate. This vulnerability could allow an attacker to XSS on the user's browser. The...

CVE-2025-8075 Improper Input Validation

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has discovered that validation of incoming XML format request messages is inadequate. This vulnerability could allow an attacker to XSS on the user's browser. The...

CVE-2025-8075

CVE-2025-8075 (Hanwha Vision cameras) : Nozomi Networks Labs reports that validation of incoming XML format requests is insufficient, enabling cross-site scripting (XSS) in the user’s browser. Tenable/Red Hat/NVD records reflect this vulnerability as affecting Hanwha Vision camera platforms; a ma...

CVE-2025-52601

Hanwha Vision cameras exposed by CVE-2025-52601 contain a hard-coded cryptographic key in Device Manager, enabling an attacker with local access to decrypt sensitive information. The vulnerability is described as a hard-coded key for sensitive data, with a patch firmware released by the manufactu...

CVE-2025-52601 Hardcoding sensitive information

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has discovered a vulnerability in Device Manager that a hardcoded encryption key for sensitive information. An attacker can use key to decrypt sensitive information. T...

CVE-2025-52601 Hardcoding sensitive information

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has discovered a vulnerability in Device Manager that a hardcoded encryption key for sensitive information. An attacker can use key to decrypt sensitive information. T...

EUVD-2025-205420

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has discovered a vulnerability in camera video analytics that Improper input validation. This vulnerability could allow an attacker to execute specific commands on the...

CVE-2025-52600 Improper Input Validation

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has discovered a vulnerability in camera video analytics that Improper input validation. This vulnerability could allow an attacker to execute specific commands on the...

CVE-2025-52600 Improper Input Validation

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has discovered a vulnerability in camera video analytics that Improper input validation. This vulnerability could allow an attacker to execute specific commands on the...

CVE-2025-52600

CVE-2025-52600 affects Hanwha Vision cameras; vulnerability in camera video analytics due to improper input validation could allow a remote attacker to execute commands on the host PC. Patch firmware has been released by the manufacturer. Connected Nessus/NVD entries reiterate the same descriptio...

CVE-2025-52599 Inadequate account permissions management

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has discovered Inadequate of permission management for camera guest account. The manufacturer has released patch firmware for the flaw, please refer to the...

CVE-2025-52599

CVE-2025-52599 – Hanwha Vision cameras are affected by inadequate permission management for the guest camera account. The manufacturer has released a patch firmware; apply it per the vendor report/workarounds. CVSS metrics in the description indicate a MEDIUM severity, with network attack vector,...

CVE-2025-52598 Insufficient certificate validation

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has found a flaw that camera's client service does not perform certificate validation. The manufacturer has released patch firmware for the flaw, please refer to the...