CVE-2025-13658
published 2025-12-02CVE-2025-13658: A vulnerability in Longwatch devices allows unauthenticated HTTP GET requests to execute arbitrary code via an exposed endpoint, due to the absence of code…
PriorityP267critical9.3CVSS 4.0
AVNACLATNPRNUINVCHVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EPSS
0.60%
44.5th percentile
A vulnerability in Longwatch devices allows unauthenticated HTTP GET requests to execute arbitrary code via an exposed endpoint, due to the absence of code signing and execution controls. Exploitation results in SYSTEM-level privileges.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| industrial_video_control | longwatch | 6.309 – 6.334 | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Detect unauthenticated HTTP GET requests targeting the exposed Longwatch endpoint that triggers code execution ↗
- →Successful exploitation results in SYSTEM-level process privileges; monitor for unexpected SYSTEM-level child processes spawned from the Longwatch service ↗
- →Affected versions are Longwatch 6.309 through 6.334; flag any internet-exposed instances of these versions as high-priority targets ↗
- ·No specific vulnerable endpoint path, payload structure, or network port is publicly disclosed in available sources; detection rules cannot be narrowed beyond generic unauthenticated HTTP GET traffic to Longwatch devices ↗
- ·No known public exploitation has been reported at time of advisory publication, limiting availability of real-world IOCs ↗
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Industrial Video & Control Longwatch
cisa_ics·2025-12-02·CVSS 9.3
[CRITICAL] Industrial Video & Control Longwatch
ICS Advisory
##
Industrial Video & Control Longwatch
Release DateDecember 02, 2025
Alert CodeICSA-25-336-01
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v4 9.3
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Industrial Video & Control
- Equipment: Longwatch
- Vulnerability: IMPROPER CONTROL OF GENERATION OF CODE ('CODE INJECTION')
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an unauthenticated attacker to gain remote code execution with elevated privileges.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of Industrial Video & Control Longwatch, a video surveillance and monitoring system, are af
GHSA
GHSA-g5hm-5h94-r32f: A vulnerability in Longwatch devices allows unauthenticated HTTP GET requests to execute arbitrary code via an exposed endpoint, due to the absence of
ghsa_unreviewed·2025-12-02
CVE-2025-13658 [CRITICAL] CWE-94 GHSA-g5hm-5h94-r32f: A vulnerability in Longwatch devices allows unauthenticated HTTP GET requests to execute arbitrary code via an exposed endpoint, due to the absence of
A vulnerability in Longwatch devices allows unauthenticated HTTP GET requests to execute arbitrary code via an exposed endpoint, due to the absence of code signing and execution controls. Exploitation results in SYSTEM-level privileges.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-12-02
Published