CVE-2025-57441CRITICAL 9.8EPSS p39.9%

CVE-2025-57441CVE-2025-57441

Description

The Blackmagic ATEM Mini Pro 2.7 exposes sensitive device and stream configuration information via an unauthenticated Telnet service on port 9990. Upon connection, the attacker can access a protocol preamble that leaks the video mode, routing configuration, input/output labels, device model, and even internal identifiers such as the unique ID. This can be used for reconnaissance and planning further attacks.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.52% probability of exploitation · percentile 39.9% · 2026-06-19T12:03:05Z
Published2025-09-22
Last modified2025-10-17

Underlying weaknesses· 1

CWE-200

References

  1. https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-57441
  2. https://www.blackmagicdesign.com/

1

TypeTargetConfidenceTier
WeaknessExposure of Sensitive Information to an Unauthorized Actorcwe-2000%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-57437
CVE
CVE-2025-57432
CVE
CVE-2025-54497
CVE
CVE-2026-8598
CVE
CVE-2025-54455
CVE
CVE-2025-1907
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.