Product Security

Overview

Axis follows industry best practices in managing and responding to security vulnerabilities in our products to minimize customers risk of exposure. Axis cannot guarantee that products and services are free from flaws that may be exploited for malicious attacks.

Contact information

If you identify a security vulnerability in an Axis product or service, please report the problem immediately. Timely identification of security vulnerabilities is critical to eliminating potential threats. 

End-users, partners, vendors, industry groups and independent researchers that have identified a potential risk are encouraged to contact via email to product-security@axis.com. You are welcome to use our public PGP key to encrypt sensitive content.

Note: product-security@axis.com will only respond to possible product vulnerabilities. For general questions and requests contact: Technical support: www.axis.com/support 

General: www.axis.com/contact-us

News update

2018-06-18 Security Advisory ACV-128401 published.  Please follow our recommedations.

2018-04-13 Security Announcement ACV-128401.  Axis recommends to patch affected models

2017-12-01 Security Advisory for ACV-120444 Axis CGI parser published.  Latest firmware patches this vulnerability.

2017-11-28 Security Advisory for CVE-2016-2147/48 (Busybox/DHCP) and CVE-2016-6255/CVE-2016-8863 (UPnP)

2017-07-10 Security Advisory for ACV-116267 ("Devil's Ivy").  List of affected products

Stay updated on potential product vulnerabilities

Subscribe to Axis Security Advisory Notification email to receive notifications if a critical vulnerability would occur in Axis products and solutions – and advice on appropriate actions to take. In this email you can also be informed about potential risks that we see and our new tools and services which can reduce risks. 

Please note that this email will not be used for marketing purposes.