PatchSiren cyber security CVE debrief
CVE-2026-50005 Brickcom CVE debrief
A vulnerability was discovered in Brickcom cameras, which are shipped with default credentials. This allows any unauthenticated remote attacker to silently access camera feeds. The vulnerability has a CVSS v4 score of 8.3, indicating a high severity.
- Vendor
- Brickcom
- Product
- Cube
- CVSS
- HIGH 8.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-11
- Original CVE updated
- 2026-06-12
- Advisory published
- 2026-06-11
- Advisory updated
- 2026-06-12
Who should care
Administrators and users of Brickcom cameras should be aware of this vulnerability and take necessary actions to secure their devices.
Technical summary
The vulnerability is caused by default credentials being used in Brickcom cameras, allowing unauthenticated remote attackers to access camera feeds. The CVSS v4 vector for this vulnerability is AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X.
Defensive priority
HIGH
Recommended defensive actions
- Change default credentials for Brickcom cameras
- Restrict access to camera feeds
- Regularly update and patch Brickcom cameras
Evidence notes
The vendor of the affected product is currently listed as 'Unknown Vendor'. However, based on the evidence provided, it appears that the vendor may be related to Brickcom.
Official resources
CVE-2026-50005 was published on 2026-06-11T21:16:22.140Z and modified on 2026-06-12T16:06:47.720Z.