The Blackmagic ATEM Mini Pro 2.7 exposes sensitive device and stream configuration information via an unauthenticated Telnet service on port 9990. Upon connection, the attacker can access a protocol preamble that leaks the video mode, routing configuration, input/output labels, device model, and even internal identifiers such as the unique ID. This can be used for reconnaissance and planning further attacks.
References
| Link | Resource |
|---|---|
| https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-57441 | Exploit Third Party Advisory |
| https://www.blackmagicdesign.com/ | Product |
Configurations
Configuration 1 (hide)
| AND |
|
History
17 Oct 2025, 20:34
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Blackmagicdesign atem Mini Pro Firmware
Blackmagicdesign Blackmagicdesign atem Mini Pro |
|
| References | () https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-57441 - Exploit, Third Party Advisory | |
| References | () https://www.blackmagicdesign.com/ - Product | |
| CPE | cpe:2.3:h:blackmagicdesign:atem_mini_pro:-:*:*:*:*:*:*:* cpe:2.3:o:blackmagicdesign:atem_mini_pro_firmware:2.7:*:*:*:*:*:*:* |
22 Sep 2025, 18:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-09-22 18:15
Updated : 2025-10-17 20:34
NVD link : CVE-2025-57441
Mitre link : CVE-2025-57441
CVE.ORG link : CVE-2025-57441
JSON object : View
Products Affected
blackmagicdesign
- atem_mini_pro_firmware
- atem_mini_pro
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor