CVE-2025-63674: n/a
An issue in Blurams Lumi Security Camera (A31C) v23.1227.472.2926 allows local physical attackers to execute arbitrary code via overriding the bootloader on the SD card.
AI Analysis
Technical Summary
CVE-2025-63674 is a vulnerability identified in the Blurams Lumi Security Camera (model A31C) running firmware version 23.1227.472.2926. The flaw allows a local attacker with physical access to the device to override the bootloader stored on the SD card, enabling arbitrary code execution during the device boot process. This attack vector exploits the device's insufficient protection of the bootloader integrity, categorized under CWE-77 (Improper Neutralization of Special Elements used in a Command). The vulnerability does not require prior authentication or user interaction but does require physical access to the device and its removable storage media. The CVSS v3.1 base score is 6.1, indicating a medium severity level, with a vector string AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N, meaning the attack vector is physical, with low attack complexity, no privileges or user interaction needed, and impacts confidentiality and integrity significantly but not availability. No patches or known exploits are currently available, but the risk lies in potential unauthorized code execution that could compromise the device’s firmware, leading to data exfiltration or manipulation of video feeds. This vulnerability is particularly concerning for environments relying on these cameras for security surveillance, as compromised devices could undermine physical security monitoring.
Potential Impact
For European organizations, the impact of this vulnerability can be significant, especially for those deploying Blurams Lumi Security Cameras in sensitive or critical environments such as corporate offices, government buildings, or industrial sites. Successful exploitation could lead to unauthorized access to video streams, manipulation or deletion of recorded footage, and potential use of the compromised device as a foothold within the network. Although the attack requires physical access, the risk is elevated in locations where devices are installed in publicly accessible or insufficiently secured areas. The confidentiality and integrity of surveillance data are at risk, which could affect privacy compliance under regulations like GDPR. Additionally, compromised cameras could be used to facilitate further attacks or espionage, impacting organizational security posture and trust.
Mitigation Recommendations
To mitigate this vulnerability, organizations should implement strict physical security controls to prevent unauthorized access to the cameras and their SD cards, such as locking enclosures or secure mounting locations. Regularly inspect devices for signs of tampering. Network segmentation should be employed to isolate security cameras from critical infrastructure and sensitive networks. Monitor device behavior and logs for anomalies that might indicate compromise. Once available, promptly apply firmware updates or patches from the vendor addressing this vulnerability. Consider deploying endpoint detection solutions capable of identifying unusual device activity. Additionally, organizations should evaluate alternative camera models with stronger bootloader protections if physical security cannot be guaranteed. Establishing a robust asset management process to track device versions and firmware status will aid in timely vulnerability management.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland, Belgium
Technical Details
- Data Version: 5.2
- Assigner Short Name: mitre
- Date Reserved: 2025-10-27T00:00:00.000Z
- Cvss Version: null
- State: PUBLISHED
Threat ID: 6924d037338d19296f865e16
Added to database: 11/24/2025, 9:37:59 PM
Last enriched: 11/24/2025, 9:53:21 PM
Last updated: 11/25/2025, 12:13:59 AM