{
  "schema": "https://18031cra.com/schemas/cra-rapid-reporter/v1/case.json",
  "generator": {
    "name": "CRA Rapid Reporter",
    "version": "1.0.0"
  },
  "generated_at": "2026-07-11T22:49:12+00:00",
  "disclaimer": "Independent reporting-preparation output. Not an ENISA or European Commission service; not legal advice; not a compliance guarantee; and not proof that a legal notification was submitted.",
  "case": {
    "public_id": "DEMO-SMART-CAMERA-2026",
    "title": "Actively exploited vulnerability in AcmeVision Smart Camera",
    "report_type": "vulnerability",
    "status": "review",
    "manufacturer": {
      "name": "AcmeVision Devices Ltd. (fictional)",
      "country": "Singapore",
      "eu_main_establishment_country": "Germany",
      "contact_name": "Maya Chen",
      "contact_email": "psirt@example.invalid"
    },
    "product": {
      "name": "AcmeVision HomeCam X2",
      "model": "AV-HCX2",
      "version": "4.3.1",
      "affected_versions": "4.0.0–4.3.1",
      "member_states": "Germany, France, Netherlands, Spain"
    },
    "timeline": {
      "discovered_at": "2026-07-10T06:30+00:00",
      "awareness_at": "2026-07-10T08:00+00:00",
      "incident_notification_submitted_at": null,
      "corrective_measure_at": "2026-07-11T04:00+00:00",
      "calculated_deadlines": {
        "awareness_at": "2026-07-10T08:00Z",
        "early_warning_due": "2026-07-11T08:00Z",
        "notification_due": "2026-07-13T08:00Z",
        "final_report_due": "2026-07-25T04:00Z",
        "final_report_basis": "14 days after a corrective or mitigating measure became available"
      }
    },
    "assessment": {
      "summary": "A command-injection vulnerability in the remote diagnostics endpoint is reported as actively exploited against internet-exposed devices.",
      "nature_and_exploit": "Unauthenticated crafted requests can reach a legacy diagnostics handler. Available telemetry indicates automated exploitation from multiple source networks.",
      "initial_assessment": "Exposure is limited to devices with remote diagnostics enabled and directly reachable from the public internet.",
      "severity": "critical",
      "impact_summary": "Successful exploitation may allow arbitrary command execution, unauthorised access to camera feeds and configuration changes.",
      "affected_data_or_functions": "Video stream confidentiality, device configuration integrity and service availability.",
      "suspected_malicious": "yes",
      "malicious_actor_info": "No reliable attribution available. Activity appears opportunistic and automated.",
      "root_cause": "Legacy diagnostics handler did not validate shell metacharacters before invoking a system utility.",
      "malicious_code_possible": true
    },
    "measures": {
      "manufacturer_mitigation": "Disabled cloud relay access to the diagnostics endpoint and deployed server-side blocking rules.",
      "user_mitigation": "Disable remote diagnostics, restrict device network exposure and apply firmware 4.3.2 when available.",
      "corrective_measure_details": "Firmware 4.3.2 removes the legacy handler and replaces the utility call with a parameter-safe implementation.",
      "ongoing_actions": "Customer notification draft, affected fleet analysis and retrospective log review."
    },
    "handling": {
      "sensitivity": "sensitive",
      "confidentiality_notes": "Exploit details should be handled under coordinated disclosure until the update is broadly available."
    },
    "review": {
      "reviewer_name": "Alex Morgan",
      "reviewer_role": "Product Security Lead",
      "decision": "review",
      "notes": "Demonstration data only. Confirm affected Member States and corrective-measure availability time.",
      "approved_at": null
    },
    "completeness": {
      "score": 100,
      "completed": 13,
      "total": 13,
      "missing": []
    },
    "created_at": "2026-07-10T08:05+00:00",
    "updated_at": "2026-07-11T05:00+00:00"
  },
  "evidence": [],
  "audit": []
}