Skip to main content

CVE-2025-30184: CWE-288 in CyberData 011209 SIP Emergency Intercom

Critical
VulnerabilityCVE-2025-30184cvecve-2025-30184cwe-288
Published: Mon Jun 09 2025 (06/09/2025, 22:05:25 UTC)
Source: CVE Database V5
Vendor/Project: CyberData
Product: 011209 SIP Emergency Intercom

Description

CyberData 011209 Intercom could allow an unauthenticated user access to the Web Interface through an alternate path.

AI-Powered Analysis

AILast updated: 07/10/2025, 23:48:19 UTC

Technical Analysis

CVE-2025-30184 is a critical vulnerability identified in the CyberData 011209 SIP Emergency Intercom device. The vulnerability is classified under CWE-288, which pertains to improper authentication. Specifically, this flaw allows an unauthenticated attacker to gain access to the device's web interface via an alternate path that bypasses normal authentication mechanisms. This means that an attacker does not need valid credentials or any form of user interaction to exploit the vulnerability. The CVSS v3.1 base score of 9.8 reflects the severity, with metrics indicating network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), and high impact on confidentiality (C:H), integrity (I:H), and availability (A:H). The CyberData 011209 SIP Emergency Intercom is a network-connected device typically used in critical communication scenarios such as emergency intercom systems in buildings, campuses, or industrial environments. Exploitation of this vulnerability could allow attackers to fully control the device, manipulate emergency communication, disrupt availability, or use the device as a pivot point for further network intrusion. Although no known exploits are currently reported in the wild, the critical nature and ease of exploitation make this a significant threat. The absence of available patches at the time of publication increases the urgency for mitigation and risk management.

Potential Impact

For European organizations, the impact of this vulnerability can be severe, especially for those relying on CyberData 011209 SIP Emergency Intercoms in critical infrastructure, public safety, healthcare, educational institutions, and industrial facilities. Unauthorized access to the intercom's web interface could lead to manipulation or disruption of emergency communication systems, potentially endangering lives and causing operational disruptions. Confidentiality breaches could expose sensitive information communicated over the device. Integrity violations could allow attackers to issue false emergency alerts or disable legitimate alerts, undermining trust in safety systems. Availability impacts could result in denial of emergency communication services during critical events. Additionally, compromised devices could be leveraged as entry points for lateral movement within organizational networks, increasing the risk of broader cyberattacks. The criticality of emergency communication systems in European regulatory and safety frameworks amplifies the potential consequences of exploitation.

Mitigation Recommendations

Given the lack of an official patch at the time of disclosure, European organizations should implement immediate compensating controls. These include isolating the CyberData 011209 SIP Emergency Intercom devices on segmented network zones with strict access controls and firewall rules to limit exposure to untrusted networks, especially the internet. Network monitoring should be enhanced to detect unusual access attempts or traffic patterns targeting the intercom devices. Employing VPNs or secure management channels for administrative access can reduce risk. Organizations should review and harden device configurations, disabling any unnecessary services or interfaces. Physical security controls should be enforced to prevent unauthorized local access. Additionally, organizations should engage with CyberData for timely updates and patches and plan for rapid deployment once available. Incident response plans should be updated to address potential exploitation scenarios involving emergency communication systems.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
icscert
Date Reserved
2025-03-26T16:22:34.663Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 68487f531b0bd07c39389fbb

Added to database: 6/10/2025, 6:54:11 PM

Last enriched: 7/10/2025, 11:48:19 PM

Last updated: 8/4/2025, 10:24:49 PM

Views: 15

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats