CVE-2025-14749 identifies an improper access control vulnerability in the Ningyuanda TC155 device, version 57.0.2.0, specifically within the ONVIF PTZ Control Interface component accessed via the /onvif/device_service endpoint. ONVIF is a standard protocol widely used for IP-based video surveillance devices, including PTZ (pan-tilt-zoom) cameras. The vulnerability allows an attacker on the same local network segment to bypass access controls and potentially manipulate device functions without requiring authentication or user interaction. The CVSS 4.0 vector indicates the attack complexity is low, no privileges or user interaction are needed, and the impact is limited to low confidentiality, integrity, and availability impacts. The exploit is publicly available, increasing the risk of exploitation, although no active exploitation has been reported. The vendor Ningyuanda has not issued any patches or responded to vulnerability disclosure efforts, leaving affected devices exposed. This vulnerability could enable unauthorized control over PTZ camera movements or other device functions, potentially disrupting surveillance operations or enabling further lateral movement within a network. The lack of network-level authentication or access controls on the affected interface is the root cause. Given the device’s role in security monitoring, exploitation could degrade situational awareness or facilitate covert surveillance manipulation.

For European organizations, especially those relying on Ningyuanda TC155 devices for surveillance in critical infrastructure, public safety, or corporate security, this vulnerability poses a risk of unauthorized manipulation of PTZ camera controls. This could lead to blind spots in surveillance coverage, allowing malicious actors to evade detection or conduct physical intrusions unnoticed. The local network attack vector means that attackers would need to gain access to the internal network, which could be achieved via compromised devices, insider threats, or poorly segmented networks. The impact on confidentiality is low but not negligible, as unauthorized access to camera controls could reveal sensitive operational details. Integrity and availability impacts are also low to medium, as attackers could disrupt camera functionality or manipulate video feeds. The absence of vendor patches increases the risk exposure duration. Organizations in sectors such as transportation, energy, government, and large enterprises with extensive surveillance deployments are particularly at risk. The vulnerability could also facilitate broader network compromise if used as a pivot point. Overall, the threat undermines trust in surveillance infrastructure and could have operational and security consequences.

1. Implement strict network segmentation to isolate Ningyuanda TC155 devices from general user and guest networks, limiting local network access to trusted administrators only. 2. Deploy network access controls such as 802.1X authentication and VLANs to restrict device communication and reduce attack surface. 3. Monitor network traffic to and from /onvif/device_service endpoints for unusual or unauthorized access attempts, using IDS/IPS solutions with custom signatures if possible. 4. Disable or restrict ONVIF PTZ control interfaces if not required for operational purposes. 5. Use strong physical security controls to prevent unauthorized local network access. 6. Regularly audit device configurations and firmware versions to identify affected devices. 7. Engage with Ningyuanda or third-party security providers for potential unofficial patches or workarounds. 8. Prepare incident response plans that include scenarios involving surveillance device compromise. 9. Consider deploying compensating controls such as additional video analytics or redundant camera coverage to mitigate potential blind spots. 10. Maintain awareness of any future vendor updates or community advisories regarding this vulnerability.