Survision License Plate Recognition Camera

Plan PatchCVSS 9.8ICS-CERT ICSA-25-308-02Nov 4, 2025

Attack path

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Survision License Plate Recognition LPR cameras in all versions prior to v3.5 contain an authentication bypass vulnerability (CWE-306) that allows an attacker with network access to gain full system access without providing any credentials. The vulnerability has a CVSS score of 9.8 and affects the camera's management interface. Survision has released firmware version v3.5 which fixes this issue. For systems unable to update immediately, Survision recommends activating the "lock" password in the security parameters and enforcing client certificate authentication.

What this means

What could happen

An attacker with network access to the camera could gain full administrative control without providing credentials, potentially allowing them to disable recording, alter images, or redirect video feeds used for perimeter security and traffic monitoring.

Who's at risk

License Plate Recognition (LPR) systems used at toll booths, parking facilities, and traffic enforcement operations are affected. Any organization using Survision LPR cameras for access control, parking, or traffic monitoring should prioritize this update.

How it could be exploited

An attacker on your network sends a specially crafted request to the camera's web interface on the default port. The camera fails to validate credentials and grants full system access. The attacker can then modify camera settings, disable recording, or reconfigure the system.

Prerequisites

Network access to the camera's management interface (typically HTTP/HTTPS port)
Camera running firmware version prior to v3.5

remotely exploitableno authentication requiredlow complexitycritical severity (CVSS 9.8)

Exploitability

Unlikely to be exploited — EPSS score 0.1%

Affected products (1)

ProductAffected VersionsFix Status

License Plate Recognition LPR Camera: vers:all/*All versionsv3.5

Remediation & Mitigation

0/5

Do now

0/2

HARDENINGEnable the configuration password authentication by defining users and roles with minimal rights in the user management system

WORKAROUNDRestrict network access to the camera's management interface to authorized administrative stations only; block all external and untrusted network access to the camera

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

HOTFIXUpdate License Plate Recognition LPR Camera firmware to v3.5 or later

HARDENINGEnforce client certificate authentication where technically feasible

Long-term hardening

0/1

HARDENINGPlace the camera on an isolated network segment separate from your business/IT network

CVEs (1)

CVE-2025-12108

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/49516fb9-920a-4371-8b6e-75a23de5f324

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.