CVE-2025-6531

Name of the Vulnerable Software and Affected Versions: SIFUSM/MZZYG BD S1 up to 20250611

Description: A vulnerability was found in the component RTSP Live Video Stream Endpoint, leading to improper access controls. Access to the local network is required for this attack to succeed. The exploit has been disclosed to the public and may be used. This dashcam is distributed by multiple resellers and different names.

Recommendations: For SIFUSM/MZZYG BD S1 up to 20250611, consider restricting access to the RTSP Live Video Stream Endpoint to minimize the risk of exploitation. As a temporary workaround, limit access to the local network to reduce the potential for attack. At the moment, there is no information about a newer version that contains a fix for this vulnerability.