CRITICAL🇵🇱 Wersja polska

CVE-2025-57441

CVSS 9.8v3.1pub. 2025-09-22upd. 2025-10-17

The Blackmagic ATEM Mini Pro 2.7 exposes sensitive device and stream configuration information via an unauthenticated Telnet service on port 9990. Upon connection, the attacker can access a protocol preamble that leaks the video mode, routing configuration, input/output labels, device model, and even internal identifiers such as the unique ID. This can be used for reconnaissance and planning further attacks.

🤖 AI Analysis
How it works

Upon connecting to the Telnet service on port 9990, the device automatically transmits a protocol preamble containing detailed configuration information. This data includes video mode, routing configuration, input and output labels, device model, and internal identifiers, including a unique device ID. The service requires no authentication, meaning any entity with network access to the device can retrieve this information. The disclosed data can be used for detailed environment reconnaissance and planning further attacks.

Impact

An attacker gains detailed knowledge of the device configuration and video production environment without requiring any privileges. Collected information can be used to precisely plan further attacks on network infrastructure or services associated with the device.

Mitigation & patch

Patches available from the manufacturer should be applied according to the references. Until an update is applied, it is recommended to block access to port 9990 (Telnet) at the firewall or network switch level and isolate the device in a dedicated VLAN segment inaccessible from the internet or unauthorized user networks.

Who is affected

Blackmagic ATEM Mini Pro with firmware version 2.7

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Blackmagicdesign Atem Mini Pro

    HW
    Blackmagicdesign
    wszystkie wersje
  • Blackmagicdesign Atem Mini Pro Firmware

    OS
    Blackmagicdesign
    2.7
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-57432CRITICAL9.8PL ✓ten sam vendor

Blackmagic Web Presenter — nieuwierzytelniony dostęp do usługi Telnet

CVE-2025-57437CRITICAL9.8PL ✓ten sam vendor

Blackmagic Web Presenter HD — ujawnienie wrażliwych danych przez nieuwierzytelniony Telnet

CVE-2021-40417CRITICAL9.8ten sam vendor

When parsing a file that is submitted to the DPDecoder service as a job, the service will use the combination ...

CVE-2021-40418CRITICAL9.8ten sam vendor

When parsing a file that is submitted to the DPDecoder service as a job, the R3D SDK will mistakenly skip over...