
A severe security vulnerability affecting multiple India-based CCTV camera manufacturers has been disclosed, potentially allowing attackers to access video feeds and steal account credentials without authentication.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert on December 9, 2025, under alert code ICSA-25-343-03, identifying the threat across devices from D-Link India Limited, Sparsh Securitech, and Securus CCTV.
Vulnerability Details
The vulnerability, classified as missing authentication for a critical function (CWE-306), has been assigned CVE-2025-13607 with a critical CVSS v4 score of 9.3.
| Field | Details |
|---|---|
| CVE ID | CVE-2025-13607 |
| CVSS v4 Score | 9.3 (Critical) |
| CVSS v3 Score | 9.4 (Critical) |
| Vulnerability Type | Missing Authentication for Critical Function |
| CWE ID | CWE-306 |
| Attack Vector | Network (AV:N) |
The flaw enables remote attackers to exploit a vulnerable URL endpoint without authentication, granting unauthorized access to sensitive camera configuration data, including administrative account credentials.
The D-Link DCS-F5614-L1 camera model running firmware versions v1.03.038 and earlier is confirmed affected.
While specific models for Sparsh Securitech and Securus CCTV remain undocumented, organizations using cameras from these vendors face similar exposure risks.
Attack Vector and Risk
The vulnerability presents a critical threat due to its network accessibility and low attack complexity.
A malicious actor requires no special privileges or user interaction to exploit the flaw, making it trivial for remote attackers to execute.
Successful exploitation results in information disclosure, including capture of camera account credentials, potentially compromising surveillance infrastructure and enabling unauthorized system access.
D-Link has released a security update for affected devices and published a security advisory.
The vendor strongly urges immediate installation of patches and emphasizes validating update success by comparing firmware versions on device interfaces.
For Sparsh Securitech and Securus CCTV users, CISA reports these vendors did not respond to coordination requests.
Organizations should contact vendor support directly to determine which models are affected and obtain remediation guidance.
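The firmware comparison and vendor follow-up described above can be run over an asset inventory. The following is an added example, not code from CISA or any vendor: it assumes firmware strings are dotted numeric fields, and the inventory rows (including the "v1.03.040" version and the "EXAMPLE-MODEL" and "ExampleCam" entries) are constructed for illustration.

```python
import re

# From the advisory: D-Link DCS-F5614-L1, firmware v1.03.038 and earlier.
AFFECTED_MODELS = {"DCS-F5614-L1": "v1.03.038"}
# Vendors named in the advisory without a published model list.
UNDOCUMENTED_VENDORS = ("sparsh", "securus")


def parse_version(text):
    """Turn 'v1.03.038' into (1, 3, 38). Assumes dotted numeric fields."""
    match = re.fullmatch(r"[vV]?(\d+(?:\.\d+)*)", text.strip())
    if not match:
        raise ValueError(f"unrecognised firmware version: {text!r}")
    return tuple(int(part) for part in match.group(1).split("."))


def triage(vendor, model, firmware):
    """Return AFFECTED, PATCHED, CONTACT_VENDOR, UNKNOWN_VERSION or NOT_LISTED."""
    vendor_key = vendor.strip().lower()
    if any(name in vendor_key for name in UNDOCUMENTED_VENDORS):
        return "CONTACT_VENDOR"  # affected models not documented
    last_bad = AFFECTED_MODELS.get(model.strip().upper())
    if last_bad is None:
        return "NOT_LISTED"
    try:
        current = parse_version(firmware)
    except ValueError:
        return "UNKNOWN_VERSION"  # read the version from the device interface
    return "AFFECTED" if current <= parse_version(last_bad) else "PATCHED"


# Constructed inventory rows: (vendor, model, reported firmware).
INVENTORY = [
    ("D-Link India Limited", "DCS-F5614-L1", "v1.03.038"),
    ("D-Link India Limited", "DCS-F5614-L1", "v1.03.040"),  # constructed version
    ("D-Link India Limited", "DCS-F5614-L1", "1.02.9"),
    ("D-Link India Limited", "DCS-F5614-L1", "unknown"),
    ("Sparsh Securitech", "EXAMPLE-MODEL", "2.0.1"),
    ("ExampleCam", "X1", "1.0"),
]

if __name__ == "__main__":
    for vendor, model, firmware in INVENTORY:
        print(f"{triage(vendor, model, firmware):16} {vendor} {model} {firmware}")
```

A NOT_LISTED result only means the model is absent from the advisory's affected list as published; it is not confirmation that the device is unaffected.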
CISA recommends critical defensive measures, including minimizing network exposure by isolating cameras from internet connectivity, restricting access behind firewalls, and implementing VPN solutions for required remote access.
Organizations should perform impact analysis before deploying defensive measures. No active public exploitation has been reported to CISA at this time.
Because the flaw is severe and easy to exploit, affected CCTV systems need to be patched and secured immediately to protect businesses and critical infrastructure across India.