An ACAP configuration file has improper permissions and lacks input validation, which could potentially lead to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.
References
| Link | Resource |
|---|---|
| https://www.axis.com/dam/public/38/20/aa/cve-2025-8108pdf-en-US-504218.pdf | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
No history.
Information
Published : 2025-11-11 07:15
Updated : 2025-11-24 17:56
NVD link : CVE-2025-8108
Mitre link : CVE-2025-8108
CVE.ORG link : CVE-2025-8108
JSON object : View
Products Affected
axis
- p1245_mk_ii
- p1468-le
- q3536-lve
- m4318-plve
- q3558-lve
- i7020
- q4809-pve
- p1387-b
- xc1311
- p1468-xle
- m3088-v
- a1214
- m3057-plr_mk_ii
- p5654-e_mk_ii
- q3839-spve
- excam_xpt_q6075
- q6075-e
- q6315-le
- c1111-e
- a8207-ve_mk_ii
- q6358-le
- xf40-q1785
- m4317-plve
- q1615-le_mk_iii
- c1110-e
- p3827-pve
- p3748-plve
- m1075-l
- q6225-le
- p3285-lve
- q6020-e
- s4000
- m7104
- q3626-ve
- m5074
- m5526-e
- m1135-e_mk_ii
- p3288-lv
- m4215-lv
- f9114-bt
- f9111-r_mk_ii_main_unit
- p5655-e
- p1518-e
- q2101-te
- q6075
- p7304
- s3016
- p1475-le
- p3738-ple
- p3265-lve-3
- q1686-dle
- m4318-plr
- p1388-be
- c1610-ve
- p3925-r
- q1715
- q3548-lve
- axis_os
- q6318-le
- f9114-b_main_unit
- p3265-lv
- m4225-lve
- c1310-e_mk_ii
- m5000
- m3086-v
- xpq1785
- c1720
- m4317-plr
- p3287-lve
- q1728-le
- m1135
- fa51
- c1211-e
- m4328-p
- q6135-le
- q8615-e
- p3925-lre
- w401
- p3747-plve
- p5676-le
- s3008_mk_ii
- q2111-e
- m3216-lve
- p3275-lve
- m4218-v
- q1656-be
- q6074
- fa54
- q1656-dle
- d201-s_xpt_q6075
- p3277-lv
- q8752-e_mk_ii
- p3288-lve
- m2035-le
- q1808-le
- p1385-be
- q3538-lve
- i7010-ve
- fa51-b
- q2112-e
- q6300-e
- p1465-le
- q3556-lve
- w101
- p3268-slve
- p4707-plve
- q9307-lv
- f9104-b_main_unit
- m3085-v
- p3275-lv
- m5075
- c8110
- f9114-b-r_mk_ii_main_unit
- m4215-v
- m4228-lve
- m4216-v
- m4308-ple
- p3277-lve
- p1275_mk_ii
- q8752-e
- c1410_mk_ii
- c1511
- f9111_mk_ii_main_unit
- s3008
- excam_xf_q1785
- p1387-be
- w100
- q1809-le
- d4200-ve
- p3285-lv
- p4708-plve
- p7316
- q1972-e
- p1385-e
- p3287-lv
- q1800-le-3
- a1610_\(-b\)
- c8210
- q1656-ble
- q6078-e
- p3267-lve
- q3538-slve
- p3278-lve
- p3267-lv
- m1055-l
- p9117-pv
- m4227-lve
- q1806-le
- d3110_mk_ii
- q1656-b
- q6075-s
- w102
- q1800-le
- m2036-le
- q6355-le
- v5925
- f9104-b_mk_ii_main_unit
- p4705-plve
- q1656
- p3278-lv
- c1210-e
- w110
- i8307-ve
- p1388-le
- f9114_main_unit
- p1467-le
- p3268-lv
- q1656-le
- q1798-le
- p1387
- p1265_mk_ii
- p3737-ple
- a1810-b
- q6074-e
- i8116-e
- a1210_\(-b\)
- m3905-r
- m3125-lve
- i7010-safety
- c1710
- m3126-lve
- p3265-lve
- p1385
- q3819-pve
- q1805-le
- q3628-ve
- q6075-se
- c6110
- i8016-lve
- q1961-te
- q1971-e
- a1710-b
- d2210-ve
- m3128-lve
- m1137
- p3818-pve
- m4216-lv
- q3546-lve
- c1510
- q1615_mk_iii
- w120
- p1385-b
- p3935-lr
- m3086-v_mic
- p3268-lve
- q1728
- q1961-xte
- d6310
- m5075-g
- p1465-le-3
- p5654-e
- q3839-pve
- p3265-v
- d4100-ve_mk_ii
- p3735-ple
- p3905-r_mk_iii
- m4218-lv
- d2110-ve
- m4327-p
- m7116
- p1387-le
- f9111_main_unit
- m3215-lve
- p1388-b
- v5938
- d1110
- xfq1656
- a1601
- p1518-le
- p3267-lve_mic
- p1388
- m5000-g
- m1137-e_mk_ii