CVE-2025-50777 is a security vulnerability identified in the firmware of the AZIOT 2MP Full HD Smart Wi-Fi CCTV Home Security Camera, specifically version V1.00.02. The vulnerability is classified as an Incorrect Access Control flaw that permits local attackers to escalate privileges and gain root shell access on the device. This level of access allows an attacker to fully control the camera's operating system environment. Once root access is obtained, the attacker can extract sensitive information stored on the device, including Wi-Fi network credentials and ONVIF service credentials, both of which are stored in plaintext. The ONVIF protocol is widely used for IP-based security products, so compromising these credentials can facilitate unauthorized access to other networked surveillance devices or systems. The exposure of Wi-Fi credentials further enables attackers to infiltrate the local network, potentially compromising other connected devices and systems. Although no public exploits are currently known in the wild, the vulnerability's nature and the sensitive data exposed make it a significant risk. The lack of a CVSS score indicates that the vulnerability has not yet been fully assessed for severity, but the technical details suggest a high-impact threat due to the combination of privilege escalation and credential disclosure. The vulnerability affects a specific firmware version, and no patch or mitigation links have been published yet, indicating that affected users may remain exposed until a fix is released.

For European organizations, this vulnerability poses a considerable risk, especially for entities relying on AZIOT smart CCTV cameras for physical security monitoring. The ability for an attacker to gain root access to these devices can lead to a full compromise of the camera, enabling surveillance tampering, disabling of security monitoring, or use of the device as a foothold within the network. The exposure of Wi-Fi credentials can allow lateral movement within corporate or home networks, potentially leading to broader network compromise, data exfiltration, or further attacks on critical infrastructure. Additionally, the disclosure of ONVIF credentials can facilitate unauthorized access to other IP-based security devices, undermining the overall security posture. This is particularly concerning for sectors with high security requirements such as government facilities, financial institutions, healthcare providers, and critical infrastructure operators in Europe. The vulnerability could also impact privacy compliance under regulations like GDPR if personal data is exposed or surveillance systems are manipulated. The absence of known exploits in the wild currently limits immediate widespread impact, but the vulnerability's characteristics make it a likely target for attackers once exploit code becomes available.

Given the lack of an official patch, European organizations should take proactive steps to mitigate risk. First, isolate affected AZIOT cameras on segmented networks or VLANs with strict access controls to limit exposure to local attackers. Disable or restrict local access interfaces where possible, and enforce strong physical security controls to prevent unauthorized local device access. Change default passwords and credentials on all devices and related services, even though the vulnerability allows root access, to reduce attack surface. Monitor network traffic for unusual activity related to the cameras or ONVIF services, and implement network-level controls such as firewall rules to restrict communication to trusted sources only. Organizations should also inventory all AZIOT devices and firmware versions to identify and prioritize vulnerable units. Until a firmware update is released, consider replacing vulnerable cameras with alternative products that have a stronger security track record. Finally, maintain awareness of vendor advisories and apply patches promptly once available.