CVE-2026-50005 | THREATINT

Description

Brickcom cameras ship with default credentials that allows any unauthenticated remote attacker to silently access camera feeds.

PUBLISHED Reserved 2026-06-08 | Published 2026-06-11 | Updated 2026-06-12 | Assigner icscert

HIGH: 7.7CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

HIGH: 8.3CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:N

Problem types

CWE-1392 Use of default credentials

Product status

Default status

unaffected

3.2.3.5.6

affected

Default status

unaffected

3.2.3.5.6

affected

Default status

unaffected

3.2.3.5.6

affected

Default status

unaffected

3.2.3.5.6

affected

Credits

CISA discovered the PoCs (Proof of Concept) as authored by parsa rezaie khiabanloo. finder

References

www.brickcom.com/case/

www.cisa.gov/news-events/ics-advisories/icsa-26-162-03

github.com/...p/csaf_files/OT/white/2026/icsa-26-162-03.json

cve.org (CVE-2026-50005)

nvd.nist.gov (CVE-2026-50005)

Download JSON

help @ threatint.eu