Multiple India-based CCTV Cameras (Update A)**

Plan PatchCVSS 9.4ICS-CERT ICSA-25-343-03Dec 9, 2025

Attack path

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Multiple CCTV camera models from D-Link and Securus contain a vulnerability that allows unauthenticated attackers to disclose camera account credentials without authentication. Affected products include the DCS-F5614-L1 (firmware ≤v1.03.038, no patch planned), Securus Purple Series (patched in firmware dated 15-12-2025 or later), and D-Link IP CCTV cameras (all versions, no patch planned). Successful exploitation results in disclosure of stored camera credentials, potentially enabling unauthorized remote access to camera feeds and monitoring systems.

What this means

What could happen

An attacker without credentials could capture account credentials stored on these CCTV cameras, potentially enabling unauthorized access to camera feeds and network surveillance systems. This could allow remote viewing of sensitive areas within your facility.

Who's at risk

Municipal facilities and security teams managing D-Link and Securus CCTV systems should prioritize this issue. Affected devices include DCS-F5614-L1 models, Securus Purple Series cameras, and D-Link IP CCTV cameras used for building surveillance and security monitoring.

How it could be exploited

An attacker on the network can connect to the vulnerable camera without authentication and extract stored account credentials through insufficient access controls. Once credentials are obtained, the attacker can access the camera remotely to view live feeds or recorded video.

Prerequisites

Network access to the CCTV camera (typically on your management network or accessible via Internet if port-forwarded)
No valid credentials required for initial exploitation

remotely exploitableno authentication requiredlow complexitycredentials at riskmultiple products with no fix available

Exploitability

Unlikely to be exploited — EPSS score 0.0%

Affected products (3)

1 with fix2 EOL

ProductAffected VersionsFix Status

DCS-F5614-L1: <=v1.03.038≤ v1.03.038No fix (EOL)

Purple Series: <15-12-2025<15-12-202515-12-2025+

IP CCTV Cameras: vers:all/*All versionsNo fix (EOL)

Remediation & Mitigation

0/5

Do now

0/2

HARDENINGRestrict network access to CCTV cameras: Use firewall rules to block direct access from untrusted networks. Only allow designated management workstations to connect to camera administration ports.

WORKAROUNDChange default credentials on all CCTV cameras and use strong, unique passwords for each device.

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate Purple Series cameras to firmware dated 15-12-2025 or later.

Mitigations - no patch available

0/2

The following products have reached End of Life with no planned fix: DCS-F5614-L1: <=v1.03.038, IP CCTV Cameras: vers:all/*. Apply the following compensating controls:

HARDENINGUpdate DCS-F5614-L1 cameras: This model will not receive patches. Consider replacing with a camera model that receives security updates, or implement network segmentation to isolate these devices.

HARDENINGIsolate IP CCTV cameras (all-version models with no patch available) on a dedicated management VLAN separate from operational networks and external Internet access.

CVEs (1)

CVE-2025-13607

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/15a84489-66d0-4a1f-8960-c882ab3d5455

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.