{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-06T03:03:38.783","vulnerabilities":[{"cve":{"id":"CVE-2025-0360","sourceIdentifier":"product-security@axis.com","published":"2025-03-04T06:15:30.180","lastModified":"2026-01-22T20:59:43.883","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the VAPIX Device Configuration framework that could lead to an incorrect user privilege level in the VAPIX service account D-Bus API."},{"lang":"es","value":"Durante una prueba de penetración anual realizada en nombre de Axis Communication, Truesec descubrió una falla en el marco de configuración del dispositivo VAPIX que podría generar un nivel de privilegio de usuario incorrecto en la API D-Bus de la cuenta de servicio VAPIX."}],"metrics":{"cvssMetricV31":[{"source":"product-security@axis.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"product-security@axis.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:axis:axis_os:*:*:*:*:active:*:*:*","versionStartIncluding":"11.11.0","versionEndExcluding":"12.2.41","matchCriteriaId":"6D92D756-A9D3-445F-B4E6-B3FC2D1FB081"},{"vulnerable":true,"criteria":"cpe:2.3:o:axis:axis_os_2024:*:*:*:*:lts:*:*:*","versionEndExcluding":"11.11.135","matchCriteriaId":"A3ACD321-ABF7-46AE-A389-E8FD76EF0C51"}]}]}],"references":[{"url":"https://www.axis.com/dam/public/b1/fe/46/cve-2025-0360pdf-en-US-466887.pdf","source":"product-security@axis.com","tags":["Vendor Advisory"]}]}}]}