PatchSiren cyber security CVE debrief
CVE-2025-30515 CyberData CVE debrief
CVE-2025-30515 is a critical vulnerability in the CyberData 011209 SIP Emergency Intercom that could let an authenticated attacker upload arbitrary files to multiple locations on the system. The affected product is CyberData 011209 SIP Emergency Intercom versions earlier than 22.0.1, and CyberData’s stated mitigation is to update to v22.0.1. Because the issue is network-reachable and the supplied CVSS vector is rated 9.8, this should be treated as a high-priority patching item for any exposed or operationally important deployment.
- Vendor
- CyberData
- Product
- 011209 SIP Emergency Intercom
- CVSS
- CRITICAL 9.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-06-05
- Original CVE updated
- 2025-06-05
- Advisory published
- 2025-06-05
- Advisory updated
- 2025-06-05
Who should care
Industrial control system operators, physical security teams, telecom/VoIP administrators, facilities teams, and vulnerability management teams responsible for CyberData 011209 SIP Emergency Intercom deployments.
Technical summary
The supplied advisory material indicates an authenticated arbitrary file upload weakness affecting CyberData 011209 SIP Emergency Intercom versions <22.0.1. The CVSS 3.1 vector provided is AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating remote network attackability with high confidentiality, integrity, and availability impact in the advisory context. The source corpus identifies the vendor remediation as upgrading to v22.0.1.
Defensive priority
Critical. Patch as soon as practical, especially if the device is reachable from broader network segments or supports operational workflows that cannot tolerate compromise or tampering.
Recommended defensive actions
- Upgrade CyberData 011209 SIP Emergency Intercom to v22.0.1 as recommended by the vendor.
- Inventory all deployed 011209 devices and confirm which ones are running versions earlier than 22.0.1.
- Restrict network exposure to the intercom device to only necessary management and operational paths.
- Apply ICS segmentation and defense-in-depth controls consistent with CISA recommended practices.
- Review system logs and file integrity for unexpected uploads or changes on affected devices.
- Validate backups and recovery procedures for the device configuration and any dependent operational settings.
Evidence notes
All substantive claims are taken from the supplied CISA CSAF advisory data for ICSA-25-155-01 / CVE-2025-30515 and its referenced official links. The source corpus states that CyberData 011209 SIP Emergency Intercom versions <22.0.1 are affected, that the issue can allow an authenticated attacker to upload arbitrary files to multiple locations, and that CyberData recommends updating to v22.0.1. The supplied CVSS data is 9.8 CRITICAL with vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.
Official resources
-
CVE-2025-30515 CVE record
CVE.org
-
CVE-2025-30515 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
Initial publication date supplied in the source corpus: 2025-06-05T06:00:00.000Z. The advisory was initially published by CISA as ICSA-25-155-01 on the same date.