CVE-2025-52598

moderate-risk

Published 2025-12-26

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems (ICS) and OT/IoT security, has found a flaw that camera's client service does not perform certificate validation. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds.

Do I need to act?

0.01% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 3.7/10 Low

NETWORK / HIGH complexity

Affected Products (20)

Xno-9082Rz Firmware

Xnv-9082R Firmware

Xnd-9082Rf Firmware

Xnd-9082Rv Firmware

Xnb-9002 Firmware

Xnf-9010Rv Firmware

Xnf-9010Rs Firmware

Xnf-9010Rvm Firmware

Xnd-C7083Rv Firmware

Xno-C7083R Firmware

Xnv-C7083R Firmware

Xnd-C6083Rv Firmware

Xnv-C6083R Firmware

Xnv-C6083 Firmware

Xno-C6083R Firmware

Xno-C9083R Firmware

Xnd-C9083Rv Firmware

Xnv-C9083R Firmware

Xno-C8083R Firmware

Xnv-C8083R Firmware

Affected Vendors

Hanwhavision

References (1)

Vendor Advisory https://www.hanwhavision.com/wp-content/uploads/2025/12/Camera-Vulnerability-Rep...

/ 100

moderate-risk

Severity 13/34 · Low

Exploitability 0/34 · Minimal

Exposure 33/34 · Critical