FICTIONAL PUBLIC DEMONo case data is saved. Exports are watermarked and not for submission.
demo

Actively exploited vulnerability in AcmeVision Smart Camera

DEMO-SMART-CAMERA-2026 · AcmeVision is fictional

Deadline calculator

Nothing is stored
Reset sample

For vulnerability cases, the final-report clock starts when a corrective or mitigating measure becomes available. For severe incidents, it starts when the incident notification is submitted.

Completeness100%
24-hour early warning2026-07-11T08:00Z
72-hour notification2026-07-13T08:00Z
Final report2026-07-25T04:00Z14 days after a corrective or mitigating measure became available

Why this scenario matters

Actively exploited vulnerability

A command-injection vulnerability in the remote diagnostics endpoint is reported as actively exploited against internet-exposed devices.

Product
AcmeVision HomeCam X2 4.3.1
Affected
4.0.0–4.3.1
Known Member States
Germany, France, Netherlands, Spain
Impact
Successful exploitation may allow arbitrary command execution, unauthorised access to camera feeds and configuration changes.

Prepared mitigation information

Manufacturer

Disabled cloud relay access to the diagnostics endpoint and deployed server-side blocking rules.

Users

Disable remote diagnostics, restrict device network exposure and apply firmware 4.3.2 when available.

Corrective measure

Firmware 4.3.2 removes the legacy handler and replaces the utility call with a parameter-safe implementation.