ID: XM-SN-XMSRC26001
Initial Release Date: 2026-04-30
CVEID:CVE-2025-65856
Summary
The XM530V200_X6-WEQ_8M V5.00.R02.000807D8.10010.346624.S.ONVIF version 21.06 device has a security vulnerability. This vulnerability stems from authentication bypass, which may allow an unauthorized remote attacker to access sensitive device information and live video streams.
Software Versions and Fix
Impact
Devices accessed from the external network are not affected by this risk.
This risk exists only on the local area network (LAN) when the device has ONVIF password verification disabled.
Users can access the device and enable the ONVIF password verification feature to mitigate this risk.
Documentation for enabling ONVIF password verification can be downloaded from the following link:
Link:
Vulnerability Scoring Details
The vulnerability classification has been performed using the CVSSv3 scoring system (http://www.first.org/cvss/specification-document)
Base Score: 8.8 (Components: AV:A / AC:L / PR:N / UI:N / S:U / C:H / I:H / AH:)
Obtaining Device Firmware
Please contact XiongMai technical support engineer for upgrade.
Or download the firmware online:
Revision History
2026-04-30 V1.0
Tel: +86-0571-23271188
Email: oversea_sales@xiongmaitech.com
Address: Building No.9, Yinhu Innovation Center, Hangzhou, China
SiteMap Hangzhou Jufeng Technology HiSilicon (Shanghai) Technologies NEXTCHIP TEXAS Instruments XM Cloud
COPYRIGHT © 2015 XM RIGHTS RESERVED Zhejiang ICP No.10052164-1 Website construction: Broadcull network
