THE advisory discusses security vulnerabilities in the Naxclow IoT Platform, released on June 11, 2026, with the alert code ICSA-26-162-02. Specifically, several versions of Naxclow devices, including the Smart Doorbell X3 and the X Smart Home, are at risk of exploitation, which could lead to unauthorized access, impersonation of devices, and interception of communications.
The vulnerabilities include severe issues such as authorization bypass, use of hard-coded keys, and unreliable credential management, with CVSS scores ranging from 5.3 to 9.8. The advisory recommends minimizing network exposure and implementing defensive measures to mitigate the risks.