CVE-2025-5718

6.8 MEDIUM

📋 TL;DR

This CVE describes a privilege escalation vulnerability in the ACAP Application framework that is triggered through a symlink attack. Only Axis devices configured to allow installation of unsigned ACAP applications are affected. Exploitation requires tricking a user with installation rights into installing a malicious ACAP application.

💻 Affected Systems

Products:
  • Axis devices with ACAP Application framework
Versions: Specific versions not detailed in provided reference
Operating Systems: Embedded Linux-based Axis OS
Default Config Vulnerable: ✅ No
Notes: Only vulnerable if configured to allow unsigned ACAP application installation

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full system compromise with root privileges, allowing complete control over the Axis device.

🟠

Likely Case

Limited privilege escalation within the ACAP framework context, potentially accessing sensitive device functions.

🟢

If Mitigated

No impact if unsigned ACAP applications are blocked or proper access controls are enforced.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires social engineering to install malicious ACAP application

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Axis security advisory for specific patched versions

Vendor Advisory: https://www.axis.com/dam/public/3c/a4/6a/cve-2025-5718pdf-en-US-504214.pdf

Restart Required: Yes

Instructions:

1. Review the Axis security advisory
2. Update affected Axis devices to patched firmware
3. Restart devices after the update

🔧 Temporary Workarounds

Disable unsigned ACAP applications (applies to all affected versions): configure Axis devices to only allow signed ACAP applications. This is done via the Axis device management interface.

🧯 If You Can't Patch

  • Disable ACAP application framework entirely if not needed
  • Implement strict access controls and monitoring for ACAP application installation

🔍 How to Verify

Check if Vulnerable:

Check Axis device configuration for unsigned ACAP application allowance

Check Version:

Check via Axis device web interface or management tools

Verify Fix Applied:

Verify firmware version matches patched version from Axis advisory

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized ACAP application installation attempts
  • Symlink creation in ACAP directories

Network Indicators:

  • Unexpected ACAP application download traffic

SIEM Query:

Search for ACAP installation events from untrusted sources
