CVE-2025-45619: n/a
An issue in Aver PTC310UV2 firmware v.0.1.0000.59 allows a remote attacker to execute arbitrary code via the SendAction function.
AI Analysis
Technical Summary
CVE-2025-45619 is a vulnerability identified in the firmware version 0.1.0000.59 of the Aver PTC310UV2 device. This vulnerability allows a remote attacker to execute arbitrary code by exploiting the SendAction function. The SendAction function likely processes incoming commands or requests, and due to insufficient input validation or improper handling of parameters, it can be manipulated to execute malicious code remotely. This type of vulnerability is critical because it enables attackers to gain control over the affected device without requiring physical access. The firmware version affected is specifically 0.1.0000.59, and no other versions are explicitly mentioned. There is no CVSS score assigned yet, and no known exploits have been reported in the wild as of the publication date. The lack of a patch link suggests that a fix may not yet be available or publicly disclosed. The vulnerability was reserved in April 2025 and published in July 2025, indicating recent discovery and disclosure. The device in question, the Aver PTC310UV2, is a professional-grade PTZ (pan-tilt-zoom) camera commonly used in video conferencing, broadcasting, and surveillance environments. Such devices are often network-connected and may be deployed in corporate, educational, or governmental settings. Remote code execution (RCE) vulnerabilities in these devices can lead to unauthorized access, surveillance, or pivoting into internal networks.
Potential Impact
For European organizations, the impact of this vulnerability could be significant, especially for sectors relying on video conferencing and surveillance infrastructure. Exploitation could lead to unauthorized control of the camera device, allowing attackers to intercept video and audio streams, manipulate camera functions, or use the compromised device as a foothold to launch further attacks within the network. This could result in breaches of confidentiality, loss of data integrity, and disruption of availability of critical communication or security systems. Organizations in sectors such as government, education, healthcare, and corporate enterprises that utilize Aver PTC310UV2 cameras for remote meetings or security monitoring are particularly at risk. Additionally, the ability to execute arbitrary code remotely without authentication increases the threat level, as attackers can exploit the vulnerability without needing prior access or user interaction. This could facilitate espionage, data leakage, or sabotage of operations. The absence of known exploits in the wild currently reduces immediate risk but does not eliminate the potential for future attacks once exploit code becomes available.
Mitigation Recommendations
Given the lack of an official patch at the time of disclosure, European organizations should implement immediate compensating controls. These include isolating the affected devices on segmented networks with strict access controls to limit exposure to untrusted networks. Network-level protections such as firewalls and intrusion detection/prevention systems (IDS/IPS) should be configured to monitor and block suspicious traffic targeting the SendAction function or related device management interfaces. Organizations should disable any unnecessary remote management features on the Aver PTC310UV2 devices and enforce strong authentication and encryption for device access. Regularly auditing device firmware versions and monitoring vendor communications for patch releases is critical. Once a patch is available, prompt testing and deployment should be prioritized. Additionally, organizations should consider deploying network anomaly detection tools to identify unusual device behavior indicative of exploitation attempts. Training IT and security staff to recognize signs of compromise and establishing incident response procedures tailored to IoT and networked camera devices will further enhance resilience.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Belgium, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2025-04-22T00:00:00.000Z
- CVSS Version: null
- State: PUBLISHED
Threat ID: 688a53bcad5a09ad00ace387
Added to database: 7/30/2025, 5:17:48 PM
Last enriched: 7/30/2025, 5:32:42 PM
Last updated: 7/31/2025, 5:33:42 AM