CISA 2026-06-11

Brickcom Cameras

Machine-generated analysis · WAYSCloud LLM

The advisory states that live video snapshots can be accessed without authentication via the /ONVIF endpoint on affected Brickcom camera models.

Context

Brickcom Cameras are network-connected video surveillance devices used in commercial and industrial settings, as noted in the advisory. The advisory identifies two vulnerabilities: one allowing unauthenticated access to live snapshots through the /ONVIF endpoint, and another involving default credentials that permit remote access to camera feeds. The advisory explicitly states these issues affect four specific camera models running version 3.2.3.5.6. Brickcom did not respond to CISA's coordination request, and no patches or mitigations are provided by the vendor in the advisory.

Operator considerations

Check: Verify if Brickcom Cube, Dome, Bullet, or Box cameras running version 3.2.3.5.6 are present in the environment.
Isolate: Segment affected cameras from public or untrusted networks to limit remote access.
Log: Monitor network traffic for unauthorized access attempts to the /ONVIF endpoint on affected devices.

From Cybersecurity and Infrastructure Security Agency ↗

Successful exploitation of these vulnerabilities could allow a remote unauthenticated attacker to gain unauthorized access to live video feeds, retrieve sensitive visual information from affected premises, and obtain administrative control of the device.

The following versions of Brickcom Cameras are affected:

Brickcom Cube 3.2.3.5.6

Brickcom Dome 3.2.3.5.6

Brickcom Bullet 3.2.3.5.6

Brickcom Box 3.2.3.5.6

Vendor

Equipment

Brickcom

Brickcom Cameras

Missing Authentication for Critical Function, Use of Default Credentials

Critical Infrastructure Sectors: Commercial Facilities, Critical Manufacturing, Financial Services, Healthcare and Public Health

Countries/Areas Deployed: Worldwide

Company Headquarters Location: Taiwan

The affected product allows unauthenticated access to live snapshot images via the /ONVIF endpoint and no authentication is required to retrieve still im...

Read the full advisory on CISA →