Detections
Analytics
Sony Camera SNC-CX600W Cross-site scripting (CVE-2025-64730)
medium Tenable OT Security Plugin ID 504815
Synopsis
The remote OT asset is affected by a vulnerability.Description
Cross-site scripting vulnerability exists in SNC-CX600W. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the product.This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
Refer to the vendor advisory.See Also
https://jvn.jp/en/jp/JVN75140384/
https://www.sony.com/electronics/support/ip-cameras-fixed/snc-cx600w
Plugin Details
Severity: Medium
ID: 504815
Version: 1.1
Type: remote
Family: Tenable.ot
Published: 12/4/2025
Updated: 12/4/2025
Supported Sensors: Tenable OT Security
Risk Information
VPR
Risk Factor: Low
Score: 3.8
CVSS v3
Risk Factor: Medium
Base Score: 5.2
Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Vulnerability Information
CPE: cpe:/o:sony:snc-cx600w_firmware
Required KB Items: Tenable.ot/Sony
Patch Publication Date: 11/25/2025
Vulnerability Publication Date: 11/25/2025
Reference Information
CVE: CVE-2025-64730
CWE: 79