CVE-2025-57440

HIGH

Blackmagic ATEM Mini Pro - Unauthenticated RCE

Title source: llm

Description

The Blackmagic ATEM Mini Pro 2.7 exposes an undocumented Telnet service on TCP port 9993, which accepts unauthenticated plaintext commands for controlling streaming, recording, formatting storage devices, and system reboot. This interface, referred to as the "ATEM Ethernet Protocol 1.0", provides complete device control without requiring credentials or encryption. An attacker on the same network (or with remote access to the exposed port) can exploit this interface to execute arbitrary streaming commands, erase disks, or shut down the device - effectively gaining full remote control.

References (2)

Core 2

Core References

Various Sources

https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-57440

View Writeup ZIP pw:eip

Various Sources

https://www.blackmagicdesign.com/

Scores

CVSS v3 7.5

EPSS 0.0004

EPSS Percentile 11.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-400

Status published

Published Sep 22, 2025

Tracked Since Feb 18, 2026