CVE-2025-57432

{"id": "CVE-2025-57432", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2025-09-22T16:15:44.753", "references": [{"url": "https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-57432", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.blackmagicdesign.com/", "tags": ["Product"], "source": "cve@mitre.org"}, {"url": "https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-57432", "tags": ["Exploit", "Third Party Advisory"], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-306"}]}], "descriptions": [{"lang": "en", "value": "Blackmagic Web Presenter version 3.3 exposes a Telnet service on port 9977 that accepts unauthenticated commands. This service allows remote attackers to manipulate stream settings, including changing video modes and possibly altering device functionality. No credentials or authentication mechanisms are required to interact with the Telnet interface."}], "lastModified": "2025-10-14T19:56:50.727", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:blackmagicdesign:web_presenter_hd_firmware:3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7ACF4FB7-6908-4CF9-87A6-40B6136E171B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:blackmagicdesign:web_presenter_hd:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2078F064-D32A-4BAC-B0AC-20641B30DB55"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:blackmagicdesign:web_presenter_4k_firmware:3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C651A33-3D9B-4C19-9136-EC5CD86D96EF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:blackmagicdesign:web_presenter_4k:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "ED01C512-99FE-40FF-943A-6841ACBBC7D1"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}