Brickcom Cameras

Summary

Successful exploitation of these vulnerabilities could allow a remote unauthenticated attacker to gain unauthorized access to live video feeds, retrieve sensitive visual information from affected premises, and obtain administrative control of the device.

The following versions of Brickcom Cameras are affected:

  • Brickcom Cube 3.2.3.5.6
  • Brickcom Dome 3.2.3.5.6 
  • Brickcom Bullet 3.2.3.5.6 
  • Brickcom Box 3.2.3.5.6

CVSS: v3 7.7
Vendor: Brickcom
Equipment: Brickcom Cameras
Vulnerabilities: Missing Authentication for Critical Function, Use of Default Credentials

Background

  • Critical Infrastructure Sectors: Commercial Facilities, Critical Manufacturing, Financial Services, Healthcare and Public Health
  • Countries/Areas Deployed: Worldwide
  • Company Headquarters Location: Taiwan

Vulnerabilities

CVE-2026-50245

The affected product allows unauthenticated access to live snapshot images via the /ONVIF endpoint; no authentication is required to retrieve still images from the camera feed.


Affected Products

Brickcom Cameras
Vendor: Brickcom
Product Version: Brickcom Cube: 3.2.3.5.6, Brickcom Dome: 3.2.3.5.6, Brickcom Bullet: 3.2.3.5.6, Brickcom Box: 3.2.3.5.6
Product Status: known_affected

Remediations

Mitigation
Brickcom did not respond to CISA's request for coordination. Users are encouraged to reach out to Brickcom for support: https://www.brickcom.com/case/

Relevant CWE: CWE-306 Missing Authentication for Critical Function


Metrics

CVSS Version | Base Score | Base Severity | Vector String
3.1 | 7.7 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
4.0 | 8.3 | HIGH | CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:N

CVE-2026-50005

The affected product ships with default credentials that allow any unauthenticated remote attacker to silently access camera feeds.


Affected Products

Brickcom Cameras
Vendor: Brickcom
Product Version: Brickcom Cube: 3.2.3.5.6, Brickcom Dome: 3.2.3.5.6, Brickcom Bullet: 3.2.3.5.6, Brickcom Box: 3.2.3.5.6
Product Status: known_affected

Remediations

Mitigation
Brickcom did not respond to CISA's request for coordination. Users are encouraged to reach out to Brickcom for support: https://www.brickcom.com/case/

Relevant CWE: CWE-1392 Use of Default Credentials


Metrics

This article has been indexed from All CISA Advisories