Key Information

Vulnerability Details

- CVE ID: CVE-2025-57432
- Product: Blackmagic Web Presenter
- Version: Firmware/Software Version 3.3
- Vulnerability Type: Code Execution (CE)

Vulnerable Component

- Affected Component: Embedded Telnet Control Interface

Vulnerable Endpoint

Attack Vector

Remote unauthenticated Telnet session via TCP port 9977

Description

Blackmagic Web Presenter version 3.3 exposes a Telnet service on port 9977 that accepts unauthenticated commands. This allows remote attackers to manipulate stream settings, including changing video modes and potentially disrupting device functionality. No authentication or authorization mechanism is required to interact with the Telnet interface.

Exploitation Steps

1. Connect to the device via Telnet:
2. Send stream configuration commands:
3. Observe response:
   - If command succeeds:
   - If command fails:

Impact

- Disruption of critical streaming workflows
- Induction of erroneous behavior
- Interruption of live broadcasts
- Interference with access to content on storage paths
- Potential invalidation of other attack vectors due to configuration changes

Discoverer

Mohamed Shahat

Recommended Mitigations

- Disable or restrict access to port 9977 (via firewall or Access Control List ACL)
- Authenticate all commands sent to the Telnet service
- Provide alternative functionality to prevent unintended behavior (e.g., logging and alerting unauthorized Telnet access by Blackmagic engineers)

Remediation

- Place the device within a VPN or internal network segment
- Use hardware "firewall" to block access to port 9977
- Monitor all workstation system change logs to detect anomalous activity
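
The mitigations above call for restricting port 9977 and alerting on unauthorized Telnet access. The following is an added example, not part of the original advisory or any vendor code, that flags logged connections to the control port from outside an allowlisted management subnet. It assumes netfilter LOG-style `key=value` lines from a gateway in front of the device; the subnet, the device address and the log lines are constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

CONTROL_PORT = 9977  # Telnet control port named in the advisory
# Assumption: hosts allowed to manage the presenter (hypothetical subnet).
ALLOWED_SOURCES = [ipaddress.ip_network("10.20.30.0/28")]
# Assumption: address of the Web Presenter unit (hypothetical).
PRESENTERS = {ipaddress.ip_address("10.20.40.15")}

# Constructed sample in netfilter LOG key=value style; not real traffic.
SAMPLE_LOG = """\
Mar  3 09:14:02 gw kernel: IN=eth0 OUT=eth1 SRC=10.20.30.5 DST=10.20.40.15 PROTO=TCP SPT=50112 DPT=9977 SYN
Mar  3 09:15:40 gw kernel: IN=eth0 OUT=eth1 SRC=192.0.2.77 DST=10.20.40.15 PROTO=TCP SPT=41822 DPT=9977 SYN
Mar  3 09:15:41 gw kernel: IN=eth0 OUT=eth1 SRC=192.0.2.77 DST=10.20.40.15 PROTO=TCP SPT=41823 DPT=9977 SYN
Mar  3 09:16:10 gw kernel: IN=eth0 OUT=eth1 SRC=10.20.50.9 DST=10.20.40.15 PROTO=TCP SPT=39001 DPT=443 SYN
Mar  3 09:17:55 gw kernel: IN=eth0 OUT=eth1 SRC=10.20.50.9 DST=10.20.40.15 PROTO=UDP SPT=39001 DPT=9977
Mar  3 09:18:00 gw kernel: truncated PROTO=TCP SRC=bad DPT=9977
"""

FIELD = re.compile(r"\b([A-Z]+)=(\S+)")

def unauthorized_control_access(log_text):
    """Map source IP -> number of logged TCP packets sent to a presenter's
    control port from outside ALLOWED_SOURCES. Malformed lines are skipped."""
    hits = defaultdict(int)
    for line in log_text.splitlines():
        f = dict(FIELD.findall(line))
        try:
            if f.get("PROTO") != "TCP" or int(f["DPT"]) != CONTROL_PORT:
                continue
            src = ipaddress.ip_address(f["SRC"])
            dst = ipaddress.ip_address(f["DST"])
        except (KeyError, ValueError):
            continue  # missing or unparsable field
        if dst in PRESENTERS and not any(src in net for net in ALLOWED_SOURCES):
            hits[str(src)] += 1
    return dict(hits)

if __name__ == "__main__":
    for src, n in unauthorized_control_access(SAMPLE_LOG).items():
        print(f"ALERT {src}: {n} connection attempt(s) to TCP/{CONTROL_PORT}")
```

Any hit means the firewall or ACL restriction on port 9977 is either missing or not covering that source.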