Vulnerability Database

324,382

Total vulnerabilities in the database

CVE-2025-0360

During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the VAPIX Device Configuration framework that could lead to an incorrect user privilege level in the VAPIX service account D-Bus API.

Published: Mar 4, 2025
Updated: Nov 16, 2025
CVE: CVE-2025-0360
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-863

Affected Software
References

Software	From	Fixed in
axis / axis_os	11.11.0	12.2.41
axis / axis_os_2024	-	11.11.135

https://www.axis.com/dam/public/b1/fe/46/cve-2025-0360pdf-en-US-466887.pdf

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo