THE ICS Advisory ICSA-26-162-03, released on June 11, 2026, addresses vulnerabilities in several Brickcom Cameras, specifically versions 3.2.3.5.6 of the Cube, Dome, Bullet, and Box models. Key points include:
1. Vulnerabilities allow remote, unauthenticated attackers to access live video feeds and control devices due to missing authentication and default credentials.
2. CVSS scores indicate a high severity with an initial base score of 7.7 (CVSS v3.1) and 8.3 (CVSS v4.0).
3. Users are encouraged to contact Brickcom for support and are advised to minimize network exposure and implement strong security practices.
4. CISA has not reported public exploitation of these vulnerabilities as of now.