What is CVE-2025-0325?

CVE-2025-0325 is a medium-severity vulnerability in Axis Communications Ab Os, classified under CWE-1287. CVSS score: 4.3/10. Published 2025-06-02.

How severe is CVE-2025-0325?

Medium severity. CVSS v3 base score is 4.3 out of 10.

Vulnerability in Axis Communications Ab Os

CVE-2025-0325

A Guard Tour VAPIX API parameter allowed the use of arbitrary values and can be incorrectly called, allowing an attacker to block access to the guard tour configuration page in the web interface of the Axis device.

EPSS: 0.003 (53.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L.

Affected products

Axis Communications Ab Os — versions 6.50.0, 7.0.0, 9.0.0

Weakness classification (CWE)

CWE-1287
CWE-628

References

www.axis.com/dam/public/d0/ae/fe/cve-2025-0325pdf-en-US-483808.pdf

Frequently asked questions

What is CVE-2025-0325?: CVE-2025-0325 is a medium-severity vulnerability in Axis Communications Ab Os, classified under CWE-1287. CVSS score: 4.3/10. Published 2025-06-02.
How severe is CVE-2025-0325?: Medium severity. CVSS v3 base score is 4.3 out of 10.