CVE-2025-0324
published 2025-06-02CVE-2025-0324: The VAPIX Device Configuration framework allowed a privilege escalation, enabling a lower-privileged user to gain administrator privileges.
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
The VAPIX Device Configuration framework allowed a privilege escalation, enabling a lower-privileged user to gain administrator privileges.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| axis | axis_os | >= 12.0.0 < 12.3.33 | 12.3.33 |
| axis | axis_os_2024 | >= 11.8.0 < 11.11.140 | 11.11.140 |
| axis_communications_ab | axis_os | >= 11.8.0 < 11.11.140 | 11.11.140 |
| axis_communications_ab | axis_os | >= 12.0.0 < 12.3.33 | 12.3.33 |