TP-Link Systems Inc. VIGI Series IP Camera
Plan Patch8.8ICS-CERT ICSA-26-036-01Feb 5, 2026
Attack VectorAdjacent
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary
Authentication bypass vulnerability (CWE-287) in TP-Link VIGI Series IP cameras across 35+ models spanning multiple product lines (Cx45, Cx55, Cx85, Cx40I, Cx30I, Cx20I, C340S, C540S, C540V, C250, InSight Sx45, Sx55, Sx85, and others). Successful exploitation allows unauthenticated users to gain full administrative access to affected cameras, enabling unauthorized viewing, configuration changes, and potential command execution. TP-Link has not released fixed firmware versions at this time. Users are advised to download and install the latest available firmware once available from TP-Link support channels.
What this means
What could happen
An attacker with network access to a TP-Link VIGI camera could gain full administrative control without credentials, allowing them to view surveillance footage, reconfigure cameras, or disable monitoring on critical facilities like water plants or substations.
Who's at risk
Water utilities and municipal electric utilities relying on TP-Link VIGI IP cameras for perimeter surveillance, facility monitoring, or security. This includes all VIGI C-series, S-series (InSight), and specialty 4G-equipped models. Any organization using these cameras for monitoring critical infrastructure access points or control rooms is affected.
How it could be exploited
An attacker on the same network segment as a TP-Link VIGI camera can send a request to the camera's web interface or network service. The camera does not properly validate authentication, allowing the attacker to assume admin privileges and execute arbitrary commands or modify camera settings. No credentials are required.
Prerequisites
- Network access to the VIGI camera (same subnet or routable IP range)
- Camera must be powered on and connected to the network
- No valid user credentials needed
remotely exploitableno authentication requiredlow complexityno patch availableaffects surveillance/security systems
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (32)
32 pending
ProductAffected VersionsFix Status
VIGI Cx45 Series Models C345, C445: <=3.1.0_Build_250820_Rel.57668n≤ 3.1.0 Build 250820 Rel.57668nNo fix yet
VIGI Cx55 Series Models C355, C455: <=3.1.0_Build_250820_Rel.58873n≤ 3.1.0 Build 250820 Rel.58873nNo fix yet
VIGI Cx85 Series Models C385, C485: <=3.0.2_Build_250630_Rel.71279n≤ 3.0.2 Build 250630 Rel.71279nNo fix yet
VIGI C340S Series: <=3.1.0_Build_250625_Rel.65381n≤ 3.1.0 Build 250625 Rel.65381nNo fix yet
VIGI C540S Series Models C540S, EasyCam C540S: <=3.1.0_Build_250625_Rel.66601n≤ 3.1.0 Build 250625 Rel.66601nNo fix yet
Remediation & Mitigation
0/5
Do now
0/2WORKAROUNDRestrict network access to VIGI cameras using firewall rules. Allow only specific engineering workstations or authorized management networks to reach the camera's web interface (default port 80/443) and discovery ports. Block access from general office or untrusted network segments.
HARDENINGDisable remote access features if the cameras do not require remote management. Use local management only from the plant network.
Schedule — requires maintenance window
0/1Patching may require device reboot — plan for process interruption
HOTFIXContact TP-Link support to request fixed firmware versions, as the advisory does not specify which versions contain the fix. Download and install the latest available firmware for your specific VIGI camera model from the TP-Link support downloads page.
Long-term hardening
0/2HARDENINGIsolate VIGI cameras on a dedicated network segment with restricted routing. Separate the security camera network from operational networks and office networks using VLANs or air-gapped management.
HARDENINGImplement network segmentation so that compromised cameras cannot reach sensitive OT devices like PLCs, RTUs, or HMIs.
CVEs (1)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/0420413f-ff2c-49a6-98f2-5412bec40e6b