CVE Details
Basic Information
| Title | SIFUSM/MZZYG BD S1 RTSP Live Video Stream Endpoint access control |
|---|---|
| Type | cve |
| Published | 2025-06-23T23:31:06.122Z |
| Last Seen |
Product Information
| Vendor | SIFUSM |
|---|---|
| Product | BD S1 |
| Version | 20250611 |
CVSS Information
| Base Score | 5.3 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A vulnerability in the RTSP Live Video Stream Endpoint of SIFUSM/MZZYG BD S1 dashcams allows unauthorized access due to improper access controls. This can be exploited with local network access, and the exploit is publicly available. |
|---|---|
| AI Severity | Medium |
| Vendor | SIFUSM/MZZYG |
| Product | BD S1 |
| Affected Version | 20250611 |
Affected Products
- SIFUSM BD S1 20250611
- MZZYG BD S1 20250611
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-284, CWE-266 |
| Bulletin Family |
References
Description
A vulnerability was found in SIFUSM/MZZYG BD S1 up to 20250611. It has been declared as problematic. This vulnerability affects unknown code of the component RTSP Live Video Stream Endpoint. The manipulation leads to improper access controls. Access to the local network is required for this attack to succeed. The exploit has been disclosed to the public and may be used. This dashcam is distributed by multiple resellers and different names.