PatchSiren

PatchSiren cyber security CVE debrief

CVE-2025-7742 LG Innotek CVE debrief

CVE-2025-7742 is a publicly disclosed authentication vulnerability in LG Innotek LNV5110R camera firmware. According to the CISA CSAF advisory, a malicious actor may upload an HTTP POST request to the device’s non-volatile storage, which may lead to remote code execution, with commands running at administrator privilege level. LG notes the product is end-of-life and can no longer be patched, so defenders should focus on isolation, access restriction, and replacement planning.

Vendor: LG Innotek
Product: LNV5110R
CVSS: HIGH 7
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-07-25
Original CVE updated: 2025-07-25
Advisory published: 2025-07-25
Advisory updated: 2025-07-25

Who should care

Organizations operating LG Innotek LNV5110R cameras, especially environments that expose device management interfaces to broader networks or rely on legacy/end-of-life equipment, should treat this as a priority review item. Network defenders and asset owners responsible for camera fleets, site security systems, and industrial/operational environments that use the device should assess exposure and compensating controls.

Technical summary

The advisory describes an authentication weakness in LG Innotek LNV5110R firmware. It allows a malicious actor to submit an HTTP POST request that reaches the device’s non-volatile storage, and the impact may include remote code execution that runs arbitrary commands at administrator privilege level. The provided CVSS v3.1 vector is AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L, with a score of 7.0 (High).

Defensive priority

High: the issue can enable network-based admin-level command execution, and the vendor notes the affected product is end-of-life with no patch path available.

Recommended defensive actions

  • Identify whether any LG Innotek LNV5110R devices are deployed, including legacy or rarely used units.
  • Remove or tightly restrict network access to device management interfaces; prefer ACLs, VPN-only administration, or isolated management segments.
  • Place affected devices behind segmentation controls and limit exposure to trusted management hosts only.
  • Treat the device as unpatchable unless the vendor provides a specific supported remediation path; plan replacement or retirement.
  • Review available logs and network telemetry for unusual HTTP POST activity or unexpected management access to the device.
  • Follow CISA ICS recommended practices and defense-in-depth guidance for containment and access control.
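
One way to carry out the log review step above, as an added example that is not taken from the CISA advisory or from LG. The camera addresses, management subnet, URIs, and CSV log layout are all constructed assumptions; substitute your own inventory and telemetry format.

```python
import csv
import io
import ipaddress

# Assumptions (constructed): replace with your own asset inventory and allowlist.
CAMERAS = {"10.20.30.11", "10.20.30.12"}             # LNV5110R device addresses
MGMT_NETS = [ipaddress.ip_network("10.20.99.0/28")]  # trusted management hosts

# Constructed sample telemetry: ts,src,dst,method,uri,status,req_bytes
SAMPLE_LOG = """\
2025-07-26T01:12:03Z,10.20.99.5,10.20.30.11,GET,/example/index,200,0
2025-07-26T01:15:40Z,10.20.99.6,10.20.30.11,POST,/example/settings,200,312
2025-07-26T02:03:17Z,192.0.2.44,10.20.30.12,POST,/example/upload,200,48211
2025-07-26T02:04:01Z,10.20.40.7,10.20.30.12,GET,/,401,0
2025-07-26T02:05:09Z,10.20.40.7,10.20.50.3,POST,/example/api,200,90
truncated line without enough fields
"""

def is_mgmt(src):
    """True if src parses as an IP inside a trusted management network."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # unparseable source is never trusted
    return any(addr in net for net in MGMT_NETS)

def review(log_text):
    """Return (ts, src, dst, method, uri, reason) for requests worth a look."""
    findings = []
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 7:
            continue  # skip malformed records
        ts, src, dst, method, uri, _status, _req_bytes = row
        if dst not in CAMERAS:
            continue  # only traffic aimed at affected devices
        if not is_mgmt(src):
            reason = "post-untrusted" if method == "POST" else "access-untrusted"
        elif method == "POST":
            reason = "post-from-mgmt"  # confirm against change records
        else:
            continue  # routine read from a management host
        findings.append((ts, src, dst, method, uri, reason))
    return findings

if __name__ == "__main__":
    for finding in review(SAMPLE_LOG):
        print(*finding, sep="  ")
```

POSTs from management hosts are reported rather than suppressed so they can be matched against planned administration, since the device cannot be patched and every write to it deserves an owner.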

Evidence notes

CISA’s CSAF advisory for ICSA-25-205-04, published and last modified on 2025-07-25, identifies CVE-2025-7742 as affecting LG Innotek LNV5110R products (vers:all/*). The source description states that an authentication vulnerability may permit HTTP POST upload to non-volatile storage and lead to remote code execution with administrator privileges. The advisory metadata also supplies CVSS v3.1 vector AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L and a score of 7.0. Remediation notes state the product is end-of-life and can no longer be patched, with LG Security Center referenced for further guidance.

Official resources

Publicly disclosed by CISA in advisory ICSA-25-205-04 on 2025-07-25. The supplied data does not list the issue in CISA KEV and does not indicate ransomware-campaign use.