CVE-2025-30183 CyberData CVE debrief

Who should care

Organizations using CyberData 011209 SIP Emergency Intercom devices, especially OT/ICS operators, facilities teams, physical security teams, and administrators responsible for device management interfaces.

Technical summary

The advisory assigns CVSS 3.1 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating a network-reachable issue with no privileges or user interaction required and high confidentiality impact. CISA’s CSAF describes the problem as improper storage or protection of web server admin credentials in CyberData 011209 SIP Emergency Intercom devices affected before v22.0.1. The listed remediation is to update to v22.0.1.

Defensive priority

High — the issue is network-accessible, requires no authentication or user interaction, and involves admin credential protection on an intercom used in operational environments.

Recommended defensive actions

• Update CyberData 011209 SIP Emergency Intercom devices to v22.0.1, per the vendor remediation.
• Inventory deployed 011209 SIP Emergency Intercom assets and verify whether any instances are running versions earlier than 22.0.1.
• Review administrative access paths for the device and confirm management interfaces are restricted to trusted networks.
• Apply CISA ICS recommended practices and defense-in-depth guidance for segmentation, access control, and monitoring.
• Track vendor and CISA advisories for any additional hardening or follow-up guidance related to this device.

Evidence notes

Primary evidence comes from CISA’s CSAF advisory ICSA-25-155-01, published 2025-06-05, which identifies CVE-2025-30183 and the affected product as CyberData 011209 SIP Emergency Intercom: <22.0.1. The advisory description states the intercom does not properly store or protect web server admin credentials. The remediation field recommends updating to v22.0.1. The CSAF also provides CVSS 3.1 vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.

Official resources