ICSA-25-352-08 · Published 2026-01-22 · View on CISA ICS-CERT ↗

Axis Communications Camera Station Pro, Camera Station, and Device Manager (Update B)

CVSS 9.0 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could result in an attacker executing arbitrary code, executing a man-in-middle style attack, or bypass authentication.

CVEs (4)

CVE-2025-30023 CVE-2025-30024 CVE-2025-30025 CVE-2025-30026

Remediations

Axis Communications recommends users to upgrade to the following versions:
AXIS Camera Station Pro 6.9 or later
AXIS Camera Station 5.58 or later
AXIS Device Manager 5.32 or later
For more information on these issues, see the following security advisories from Axis: CVE-2025-30023, CVE-2025-30024, CVE-2025-30025, and CVE-2025-30026.
For CVE-2025-30025, AXIS Camera Station 5.x requires an upgrade to AXIS Camera Station Pro 6.9 or later and AXIS Camera Station Pro requires an upgrade to AXIS Camera Station Pro 6.8 or later

Affected Vendors

Axis Communications

Affected Products (5)

Axis Communications · AXIS Camera Station Pro <6.9

Axis Communications · AXIS Camera Station Pro <6.8

Axis Communications · AXIS Camera Station <5.58

Axis Communications · AXIS Camera Station All_5.x

Axis Communications · AXIS Device Manager <5.32

Affected Sectors

Commercial Facilities, Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more