RCE in Lsc Ptz_dual_band_camera

CVE-2025-25680

LSC Smart Connect LSC Indoor PTZ Camera 7.6.32 is contains a RCE vulnerability in the tuya_ipc_direct_connect function of the anyka_ipc process. The vulnerability allows arbitrary code execution through the Wi-Fi configuration process when…

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.005 (40.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.7 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2025-25680?
CVE-2025-25680 is a high-severity vulnerability in Lsc Ptz_dual_band_camera, classified under Code Injection. CVSS score: 7.7/10. Published 2025-03-11.
How severe is CVE-2025-25680?
High severity. CVSS v3 base score is 7.7 out of 10.