[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"branding":3,"analytics":7,"article-brickcom-security-advisory-flags-unauthenticated-camera-access":10},{"siteName":4,"siteTagline":5,"publisherName":4,"contactEmail":6},"The Revision","Tech news, decoded.","editor@therevision.news",{"gaMeasurementId":8,"adsenseClientId":9},"G-ZW2MV82GYR","ca-pub-8533917693782264",{"article":11},{"id":12,"slug":13,"title":14,"dek":15,"body_md":16,"tags_json":17,"published_at":18,"created_at":19,"updated_at":20,"status":21,"review_note":22,"review_notes":23,"image_url":30,"persona_id":22,"persona_name":22,"section":22,"tags":31,"sources":35,"feedback":39,"feedback_at":22,"cost_usd":39,"total_tokens":39},1001,"brickcom-security-advisory-flags-unauthenticated-camera-access","Brickcom security advisory flags unauthenticated camera access","CISA warns that Brickcom cameras expose live feeds and default credentials, urging isolation until patches appear.","Brickcom’s latest camera line harbors two high‑severity flaws that let anyone on the network view live video and grab admin control.\n\nCISA’s advisory lists CVE‑2026‑50245, which skips authentication on the ONVIF endpoint, and CVE‑2026‑50005, which ships devices with unchanged default logins. Both affect the Cube, Dome, Bullet and Box models at firmware version 3.2.3.5.6, scoring 7.7 to 8.3 on the CVSS scale. Brickcom has not responded to coordination requests, leaving the bugs unpatched.\n\nThe practical impact is that an unauthenticated attacker could monitor premises, siphon visual data, or reconfigure cameras without detection. For sectors ranging from healthcare to finance, such blind spots translate into privacy breaches and potential sabotage of physical security systems. Network exposure is the weakest link; keeping these devices off the internet and behind firewalls buys time.\n\nUntil Brickcom releases fixes, the safest play is to isolate the cameras on a segmented VLAN, block inbound traffic, and consider temporary cover‑up solutions. In short, the flaws are severe, remain unpatched, and demand immediate network isolation or mitigation.","[\"security\",\"iot\",\"cisa\"]","2026-06-11T12:00:00.000Z","2026-06-16T03:17:07.330Z","2026-06-16T03:17:13.863Z","published",null,[24],{"id":25,"reviewer":26,"round":27,"reason":28,"status":29},"editor-r1","editor",1,"Add a brief concluding paragraph that restates the key takeaway—these Brickcom camera flaws are high‑severity, unpatched, and require immediate network isolation or mitigation.","resolved","https:\u002F\u002Fcdn.xyz.onl\u002Farticle-images\u002Fbrickcom-security-advisory-flags-unauthenticated-camera-access.webp",[32,33,34],"security","iot","cisa",[36],{"name":37,"url":38},"CISA Advisories","https:\u002F\u002Fwww.cisa.gov\u002Fnews-events\u002Fics-advisories\u002Ficsa-26-162-03",0]