longwatch patch

About this tag
The longwatch patch tag covers a critical remote code execution vulnerability (CVE-2025-13658) in Industrial Video & Control's Longwatch video surveillance platform. An exposed HTTP endpoint in versions 6.309 through 6.334 allows unauthenticated attackers to execute arbitrary code at SYSTEM privileges via crafted GET requests. CISA advisory rates the flaw as critical (CVSS 9.8 v3.1, 9.3 v4), affecting Energy and Water/Wastewater sectors. The recommended fix is upgrading to Longwatch 6.335 or later. This tag focuses on urgent patching guidance for industrial control system environments using Longwatch.
  1. Critical Longwatch RCE CVE-2025-13658: Patch to 6.335 Now

    A severe, unauthenticated remote code‑execution vulnerability in Industrial Video & Control’s Longwatch video surveillance and monitoring platform has been disclosed by CISA: an exposed HTTP endpoint in Longwatch versions 6.309 through 6.334 allows specially crafted HTTP GET requests to execute...