CVE-2025-30023
Published: 11 July 2025
Summary
CVE-2025-30023 is a critical-severity Deserialization of Untrusted Data (CWE-502) vulnerability in Axis Camera Station. Its CVSS base score is 9.0 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 8.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2025-30023 is a critical-severity flaw (CVSS 9.0) in a client-server communication protocol that permits deserialization of untrusted data (CWE-502). The vulnerability resides in the protocol handling between endpoints and allows an authenticated participant to trigger remote code execution.
An attacker with low-privileged credentials on an adjacent network can exploit the issue without user interaction. Successful exploitation yields full control over confidentiality, integrity, and availability, with a scope change: the impact extends beyond the vulnerable component itself.
The single reference points to an Axis advisory document, but no specific mitigation steps, patch details, or affected product versions are supplied in the available data. EPSS remains flat at 0.0657 with no material increase since disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-21112
Vulnerability details
The communication protocol used between client and server had a flaw that could lead to an authenticated user performing a remote code execution attack.
- CWE(s): CWE-502 Deserialization of Untrusted Data
Related Threats
MITRE ATT&CK Enterprise Techniques
- Exploit Public-Facing Application (T1190)
Why these techniques?
A deserialization flaw in an authenticated client-server protocol directly enables RCE on the server (adjacent network, low privilege escalating to full compromise).
Mitigating Controls (NIST 800-53 r5)
- Flaw remediation: mandates timely identification, reporting, and correction of flaws such as the deserialization vulnerability in CVE-2025-30023 to prevent remote code execution.
- SI-10 (Information Input Validation): requires validation of all information inputs from untrusted sources, such as client-server protocol messages, to block malicious deserialized data leading to code execution.
- RA-5 (Vulnerability Monitoring and Scanning): provides vulnerability scanning to identify critical issues like CVE-2025-30023 in affected Axis products for prioritized remediation.
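The SI-10 control above is abstract, so here is an added example of what input validation looks like at a deserialization boundary. This is not Axis code and does not model the real Axis Camera Station protocol, which the page does not describe; it is a generic CWE-502 pattern in Python. The wire format (a pickle payload), the message schema, and the `Command` class are all constructed for illustration. The receiver only rebuilds an allow-listed set of types, refuses any other class reference before it is instantiated, and then checks the decoded message against a fixed schema.

```python
"""Allow-list deserialization plus schema validation for a constructed
client-server message format (added example; not Axis code)."""
import io
import pickle

# Only these (module, name) pairs may be reconstructed from a client message.
# Built-in containers and scalars never reach find_class at all, so the
# allow-list stays tiny; everything else is refused before construction.
ALLOWED_GLOBALS = {
    ("collections", "OrderedDict"),
}

# Constructed schema for the hypothetical "control" message: exact keys,
# exact types (bool is deliberately not accepted where int is expected).
SCHEMA = {"action": str, "camera_id": int}
ALLOWED_ACTIONS = {"start_recording", "stop_recording"}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that refuses every global reference outside ALLOWED_GLOBALS."""

    def find_class(self, module, name):
        if (module, name) not in ALLOWED_GLOBALS:
            raise pickle.UnpicklingError(f"refused global {module}.{name}")
        return super().find_class(module, name)


def restricted_loads(data: bytes):
    """Decode bytes with the allow-listed unpickler."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def validate(msg):
    """Enforce the message schema (SI-10 style) after decoding."""
    if not isinstance(msg, dict) or set(msg) != set(SCHEMA):
        raise ValueError("unexpected message shape")
    for key, typ in SCHEMA.items():
        if type(msg[key]) is not typ:
            raise ValueError(f"field {key} has wrong type")
    if msg["action"] not in ALLOWED_ACTIONS:
        raise ValueError("unknown action")
    return msg


def receive(data: bytes):
    """Server-side entry point: returns (ok, decoded_message_or_reason)."""
    try:
        return True, validate(restricted_loads(data))
    except (pickle.PickleError, ValueError, TypeError, EOFError) as exc:
        return False, str(exc)


# --- constructed sample messages -------------------------------------------
class Command:
    """Stands in for any class the server never intended to rebuild."""

    def __init__(self, argv):
        self.argv = argv


GOOD = pickle.dumps({"action": "start_recording", "camera_id": 7})
BAD_SHAPE = pickle.dumps({"action": "start_recording", "camera_id": "7"})
ROGUE = pickle.dumps(Command(["noop"]))  # class reference outside the allow-list

if __name__ == "__main__":
    for label, blob in (("good", GOOD), ("bad_shape", BAD_SHAPE), ("rogue", ROGUE)):
        print(label, receive(blob))
```

The design point is that the allow-list is checked inside `find_class`, i.e. before any object is constructed, so a refused class reference never gets a chance to run constructor or `__reduce__` logic; the schema check then catches messages that decode cleanly but carry the wrong shape or types. Where the protocol can be changed, a data-only format (JSON against a schema) removes the class-reconstruction problem entirely and is the stronger fix.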