CVE Catalog

CVE-2025-63674

MediumCVSS 6.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.27%

18th percentile - higher than 18% of all known CVEs

Summary

A vulnerability in Blurams Lumi Security Camera (A31C) firmware v23.1227.472.2926 allows a local physical attacker to execute arbitrary code by overwriting the bootloader on the SD card.

Risk Assessment

The risk involves potential device takeover by an attacker with physical access, which could compromise the confidentiality of the monitored area or be used as an entry point into the network.

Recommendation

Immediately update the camera firmware to the latest version and secure physical access to the device by placing it in a hard-to-reach location.

Original NVD description (English source)

An issue in Blurams Lumi Security Camera (A31C) v23.1227.472.2926 allows local physical attackers to execute arbitrary code via overriding the bootloader on the SD card.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS