CVE-2025-3892

Medium CVSS 6.7

Overview

ACAP applications can be executed with elevated privileges, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.

CWE: CWE-250 Published: 2025-08-12T06:15:26.040

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 6.7 (MEDIUM)
Detected tags: priv_esc (tag impact: HIGH)

Recommended actions:

Fix privilege escalation urgently.
Enforce least-privilege and strengthen EDR detection.

Overview

Recommended tools

Tags