Initiativen für
    
    Als nationale Behörde für Cybersicherheit hat das ZCB mehrere Initiativen für bestimmte Zielgruppen entwickelt, die hier vorgestellt werden.
      
     
                  Last update: 11/09/2025
Affected products:
- AxxonSoft's AxxonOne Video Management System (VMS) versions 2.0.8 and earlier
- AxxonSoft's AxxonOne VMS versions 2.0.0 through 2.0.4.
Type:
- Dependency on Vulnerable Third-Party Component, respectively, Authentication Bypass
CVE/CVSS:
- CVE-2025-10226: CVSS 9.8 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)
- CVE-2025-10220: CVSS 9.3 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)
AxxonSoft - https://www.axxonsoft.com/legal/axxonsoft-vulnerability-disclosure-policy/security-advisories#CVE-2025-10220
Two critical vulnerabilities have been identified in AxxonSoft Axxon One, a widely deployed video management software (VMS) platform.
Since AxxonOne is a security management platform often used for video surveillance and physical security management, exploitation could lead to severe consequences, allowing remote attackers to:
The very high CVSS score of both vulnerabilities indicates maximum potential damage across confidentiality, integrity, and availability, allowing the attacker to gain remote a full system compromise.
CVE-2025-10226 (CVSS 9.8) is a critical vulnerability identified in AxxonSoft's AxxonOne VMS version 2.0.8 and earlier, which affects both Windows and Linux deployments. The root cause of this vulnerability lies in the product's dependency on an outdated and vulnerable version of the PostgreSQL database backend, specifically PostgreSQL version 10. x.
A remote attacker could escalate privileges to gain unauthorised system access, execute arbitrary code with high-level system permissions, or cause a denial-of-service (DoS) attack via the exploitation of multiple known CVEs present in PostgreSQL v10.x.
CVE-2025-10220 (CVSS 9.3)  is a critical vulnerability identified in AxxonSoft's AxxonOne VMS versions 2.0.0 through 2.0.4 running on Windows. The root cause is the use of unmaintained third-party NuGet components, such as Google. Protobuf, DynamicData, and System.Runtime.CompilerServices.Unsafe, which contain known security flaws that have not been patched or updated.
An unauthenticated remote attacker can exploit these vulnerable components to execute arbitrary code or bypass security controls, potentially gaining complete control over the affected system.
Patch 
The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority after thorough testing.
Monitor/Detect 
The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.
In case of an intrusion, you can report an incident via: https://ccb.belgium.be/cert/report-incident.
While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.