Detections
Analytics
Sony Camera SNC-CX600W Cross-Site Request Forgery (CVE-2025-62497)
medium Tenable OT Security Plugin ID 504814
Synopsis
The remote OT asset is affected by a vulnerability.Description
Cross-site request forgery vulnerability exists in SNC-CX600W versions prior to Ver.2.8.0. If a user accesses a specially crafted webpage while logged in, unintended operations may be performed.This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
Refer to the vendor advisory.See Also
https://jvn.jp/en/jp/JVN75140384/
https://www.sony.com/electronics/support/ip-cameras-fixed/snc-cx600w
Plugin Details
Severity: Medium
ID: 504814
Version: 1.2
Type: remote
Family: Tenable.ot
Published: 12/3/2025
Updated: 12/4/2025
Supported Sensors: Tenable OT Security
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v3
Risk Factor: Medium
Base Score: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Vulnerability Information
CPE: cpe:/o:sony:snc-cx600w_firmware
Required KB Items: Tenable.ot/Sony
Patch Publication Date: 11/25/2025
Vulnerability Publication Date: 11/25/2025
Reference Information
CVE: CVE-2025-62497
CWE: 352