High severity7.5NVD Advisory· Published Sep 22, 2025· Updated Apr 15, 2026
CVE-2025-57440
CVE-2025-57440
Description
The Blackmagic ATEM Mini Pro 2.7 exposes an undocumented Telnet service on TCP port 9993, which accepts unauthenticated plaintext commands for controlling streaming, recording, formatting storage devices, and system reboot. This interface, referred to as the "ATEM Ethernet Protocol 1.0", provides complete device control without requiring credentials or encryption. An attacker on the same network (or with remote access to the exposed port) can exploit this interface to execute arbitrary streaming commands, erase disks, or shut down the device - effectively gaining full remote control.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: =2.7
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.