CVE-2025-6031 - Insecure device pairing in end-of-life Amazon Cloud Cam
Scope: Amazon Content Type: Informational Publication Date: 2025/06/12 10:30 AM PDT Description Amazon Cloud Cam is a home security camera that was deprecated on December 2, 2022, is end of life, and is no longer actively supported. When a user powers on the Amazon Cloud Cam, the device attempts to connect to a remote service infrastructure that has been deprecated due to end-of-life status. The device defaults to a pairing status in which an arbitrary user can bypass SSL pinning to associate the device to an arbitrary network, allowing for network traffic interception and modification. Affected version: All
CSIRTS triage
- What
- The end-of-life Cloud Cam allows insecure device pairing, enabling network traffic interception.
- Who is affected
- Users of the Amazon Cloud Cam, which is no longer supported.
- Urgency
- Remediation is important as the device is vulnerable to network attacks.
- Action
- Discontinue use of the Amazon Cloud Cam.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch Cloud Cam
Get an email when a new Cloud Cam advisory drops — max one per day, one-click unsubscribe.
Details
Original advisory: https://aws.amazon.com/security/security-bulletins/rss/aws-2025-013/
Exploitation outlook
EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.
- Low exploitation riskCVE-2025-60310.24% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 16% of all scored CVEs.
Referenced CVEs
| CVE | CSIRTS overview | External |
|---|---|---|
| CVE-2025-6031 | coverage & exploitation status | NVD · CVE.org |
Recent advisories for - Insecure device
A cluster of recent advisories against the same product widens the attack surface — attackers routinely chain freshly published CVEs on one product, so review these together.
- mediumCVE-2026-57157: FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0, FreeRDP serv…nvd · 2026-07-10
- highCVE-2026-55672: ZITADEL is an open source identity management platform. Prior to 3.4.12 and 4.15.2, ZITADEL's …nvd · 2026-07-10
- highCVE-2026-56254: In @capgo/capacitor-updater (Cap-go/capgo) before 12.128.2, the end-to-end encryption scheme d…nvd · 2026-07-10
- highCVE-2026-38059: The iDirect iQ200 exposes the /api/identity and /api/ REST API endpoints without authenticatio…nvd · 2026-07-10
- unknownCVE-2026-21056: Improper authorization in Samsung Health prior to version 7.00.0.107 allows local attackers to…nvd · 2026-07-10
- mediumCVE-2026-57032: An Improper Handling of Undefined Parameters vulnerability in the packet forwarding engine (pf…nvd · 2026-07-09
More from AWS Security Bulletins
- unknownCVE-2026-14904 - Improper Link Resolution in Auth.GetUserPrivateKey in AWS Research and Engineering Studio2026-07-07
- unknownCVE-2026-14471 - Authenticated SQL injection in the metrics-service retention policy subsystem of mcp-gateway-…2026-07-06
- unknownCVE-2026-14265- Deserialization of Untrusted Data in AWS Advanced JDBC Wrapper RemoteQueryCachePlugin2026-07-01
- unknownCVE-2026-13760 - OS Command Injection in NodejsFunction Docker Bundling in aws-cdk-lib2026-07-01
- unknownCVE-2026-13769 – Insecure file permissions in AWS CLI2026-07-01