CVE-2017-20213
Published: 08 January 2026
Summary
CVE-2017-20213 is a high-severity Missing Authentication for Critical Function (CWE-306) vulnerability in Cxsecurity (inferred from references). Its CVSS base score is 8.7 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 33.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and IA-9 (Service Identification and Authentication).
Deeper analysis
CVE-2017-20213 is an unauthenticated vulnerability in the FLIR Thermal Camera F/FC/PT/D Stream firmware version 8.0.0.64, classified under CWE-306 (Missing Authentication for Critical Function). It enables remote attackers to access live camera streams without any credentials, affecting multiple camera series by exposing unauthorized thermal camera video feeds. The vulnerability carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating high confidentiality impact with no requirements for privileges, user interaction, or special access.
Remote attackers can exploit this vulnerability over the network with low complexity and no authentication, directly viewing sensitive live thermal video feeds from affected FLIR cameras. Exploitation requires only network access to the camera's stream endpoint, allowing unauthorized surveillance or data exfiltration without detection or disruption to the device.
Advisories and related resources, including exploit details, are documented in references such as cxsecurity.com, packetstormsecurity.com, an archived FLIR security blog post, exploit-db.com, and zeroscience.mk, which outline the issue but do not specify patch availability in the provided details. Security practitioners should consult these for firmware update guidance from FLIR.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-1606
Vulnerability details
FLIR Thermal Camera F/FC/PT/D Stream firmware version 8.0.0.64 contains an unauthenticated vulnerability that allows remote attackers to access live camera streams without credentials. Attackers can exploit the vulnerability to view unauthorized thermal camera video feeds across multiple camera series without requiring any authentication.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Direct unauthenticated network access to a public-facing camera stream endpoint enables exploitation of public-facing applications (T1190) and unauthorized capture of live video/thermal feeds (T1125).
Mitigating Controls (NIST 800-53 r5)
IA-9 (Service Identification and Authentication): requires unique identification and authentication of the camera stream service as a prerequisite to access, directly preventing unauthenticated remote viewing of thermal feeds.
AC-3 (Access Enforcement): enforces approved authorizations for logical access to system resources such as live camera streams, mitigating the missing access enforcement in the firmware.
Protects thermal camera sensor data from unauthorized access, modification, or disclosure, tailored to the exposed live video feeds.