CVE-2025-63674
MediumCVSS 6.8Exploitation Probability (EPSS)
Low risk18th percentile - higher than 18% of all known CVEs
Summary
A vulnerability in Blurams Lumi Security Camera (A31C) firmware v23.1227.472.2926 allows a local physical attacker to execute arbitrary code by overwriting the bootloader on the SD card.
Risk Assessment
The risk involves potential device takeover by an attacker with physical access, which could compromise the confidentiality of the monitored area or be used as an entry point into the network.
Recommendation
Immediately update the camera firmware to the latest version and secure physical access to the device by placing it in a hard-to-reach location.
Original NVD description (English source)
An issue in Blurams Lumi Security Camera (A31C) v23.1227.472.2926 allows local physical attackers to execute arbitrary code via overriding the bootloader on the SD card.

