AXIS OS Release Notes - User manual

AXIS OS Portal | AXIS OS Knowledge base | AXIS OS YouTube playlist| AXIS OS Hardening Guide | Security Advisories

Welcome to the AXIS OS Release Notes, a repository for the release notes about new features, security and other improvements for different AXIS OS tracks. AXIS OS is the Linux-based operating system used in most of your Axis network devices. It’s purpose-built to live up to the most important criteria(s) for network devices: high standards for cybersecurity, ease of integration, quality, and long-term value.

• Release notes for the archived AXIS OS releases are accessible in the AXIS OS Release Notes Archive.

• More information about the AXIS OS upgrade recommendations and upgrade strategy can be found in the AXIS OS Lifecycle.

• In the AXIS OS Knowledge base you will find more information about AXIS OS features and functionality.

Go to Products on active track - AXIS OS 12 for a list of products on this track.

Release date: 2024-11-13

Features for all products

• Added a new recommended default authentication mode for the root.Network.HTTP.AuthenticationPolicy parameter which enables basic authentication for HTTPS connections to follow the IT-industry standard. Digest authentication is possible to enable for unencrypted HTTP connections. More information about this mode can be found in the VAPIX Library.

• Added the possibility to specify which video format should be used by default in the web client by setting the parameter Plain config > Layout > Default video format.

• Added support for multiple dynamic text overlay in ADA and actoin rules.

• Increased the possible maximum length of the MQTT overlay key.

• Added support for Extreme Networks' Fabric Attach™ through LLDP-TLV extension which is enabled by default to allow for simplified and automated device onboarding. For more information, please visit the AXIS OS Knowledge base.

Cybersecurity updates

• Updated cURL to version 8.10.1 to increase overall cybersecurity level.

• Addressed CVE-2024-8772 and CVE-2024-8160. These CVEs will be externally disclosed on 26 November 2024 as part of our ongoing commitment to cybersecurity. Detailed information will follow then. For more information, please visit the Axis vulnerability management portal.

• Added the possibility to set new global HTTP/HTTPS proxy settings in the web interface under System > Network.

• Restricted access to param.cgi so that only authorized administrators can configure privacy masks.

Breaking changes

• Removed the obsolete IPFilter param.cgi parameters as the new Firewall Service is replacing them appropriately.
  The removed parameters are Network.Filter.Enabled, Network.Filter.Input.AcceptAddresses, Network.Filter.Input.Policy and Network.Filter.Log.Enabled

• The WebService Discovery (WS-Discovery) protocol is disabled by default. It only applies for factory defaulted devices and is possible to enable through the VAPIX API: WebService.DiscoveryMode.Discoverable. MDNS is the preferred way of discovering Axis devices on networks.

• Removed the possibility to format SD cards to the vFAT file system. However, they can still be used as before.
  Applies to: All products with SD card support.

Analytics updates

• AXIS Object Analytics
  Note that not all products support AXIS Object Analytics. For more information on compatible products and features, visit the AXIS Object Analytics.

• • Updated scenario setup for products based on Ambarella CV25.

  • Improved algorithm for multichannel products.

  • Improved detection algorithm. Note that not all products support AXIS Object Analytics.

• AXIS License Plate Verifier
  Applies to: AXIS P1465-LE-3 and AXIS P3265-LVE-3

• • Improved on Australian libraries with extended plate formats to increase license plate reads for Custom/Personalized plates.

  • Improved on Mexican libraries with characters that are situated very close to the frame of the license plate.

  • Corrected a stability issue related to Australia and New Zealand region number plates.

  • Corrected an issue with max character filter.

  • Corrected an issue with Singapore region which was not listed in some camera models.
    

• Early fire detection
  Applies to: AXIS Q1961-TE, AXIS Q1961-XTE, AXIS Q1971-E and AXIS Q2101-TE

• • Corrected an issue where the current preset was not always selected in the drop-down menu on the settings page.

  • General improvements.

• AXIS Image Health Analytics is added as pre-installed application.
  Applies to: AXIS P1385/-B/-BE/-E, AXIS P1387/-B/-BE/-LE and AXIS P1388/-B/-BE/-LE

• Added a rename event to improve post-processing tracking of objects that reappear in the scene.
  Applies to: Products based on AXIS ARTPEC-8 and Ambarella CV25.
  Note that it is not applicable to AXIS M4317-PLR/-PLVE, AXIS M4318-PLR/-PLVE, AXIS M4327-P, AXIS M4328-P, AXIS XFQ1656, AXIS P1468-XLE and AXIS P3827-PVE

Product specific features

• Hardware modifications have been made to proactively prepare for the new NDAA 23 regulations that will be required in 2028. You will find more information about NDDA Compliance on axis.com. In AXIS OS knowledge base, you will find more about the hardware changes. The hardware ID can be found in Plain config > Properties > System > Hardware ID.

• • Products with Hardware ID A08 only supports active track 12.1.60 and later, as well as upcoming versions of LTS 2024 and LTS 2022 and later.
    Applies to: AXIS M3088-V

  • Products with Hardware ID A09 only supports active track 12.1.60 and later, as well as upcoming version of LTS 2024 and later.
    Applies to: AXIS M3128-LVE

  • Products with Hardware ID A07 only supports active track 12.1.60 and later, as well as upcoming version of LTS 2024 and later.
    Applies to: AXIS M4218-V and AXIS M4218-LV

  • Products with Hardware ID A14 and A15 only supports active track 12.1.160 and later, as well as upcoming version of LTS 2024 and later.
    Applies to: AXIS P3738-PLE and AXIS P4708-PLVE

• AXIS Audio Manager Edge: Added the volumeControllers API endpoint that makes it possible to adjust different volumes within the system.
  Applies to: AXIS C1110-E, AXIS C1111-E, AXIS C1210-E, AXIS C1211-E, AXIS C1510, AXIS C1511, AXIS C1610-VE, AXIS C8110 and AXIS C8210

• Added support for additional colors for the front LED. The new colors are yellow, purple, turquoise and white.
  Previously, it was possible to produce these colors by selecting multiple colors but this option is now removed and such profiles will be moved to the new colors on update.
  Applies to: AXIS C1110-E, AXIS C1111-E, AXIS C1210-E, AXIS C1211-E, AXIS C1310-E Mk II, AXIS C1410 Mk II, AXIS C1510, AXIS C1511, AXIS XC1311,

• Added the possibility to disable/enable USB ports in the web-interface or via VAPIX API.
  Applies to: AXIS D1110

• Updated the appearance of 1+3 video channel.
  Applies to: AXIS F9114 Main Unit and AXIS F9114-B Main Unit

• Added support for sensor AXIS F2107-RE and AXIS F2137-RE.
  Applies to: AXIS F9104-B Main Unit, AXIS F9111 Main Unit, AXIS F9114 Main Unit and AXIS F9114-B Main Unit

• Added support for including license plate crops in Base64 format within the VehicleInformation metadata event when using Axis License Plate Verifier.
  Improved the performance of License plate and speed association and removing the license plate capture from stationary vehicles.
  Applies to: AXIS Q1686-DLE

• Added the possibility to read the power consumption from the Power Meter function as an overlay.
  Applies to: All products with Power Meter support

• AXIS PTZ Autotracking has been integrated into AXIS OS and is now located under the PTZ tab in the web interface.
  Applies to: All product with PTZ Autotracking support..

• Improved setup time for SD cards by moving parts to the background.
  Applies to: All products with SD card support.

Release date: 2024-11-13

Corrections

• Removed templates in the Axevent API as they do not work after removing root privileges in AXIS OS 12.0.

• Corrected an issue where the browser selected Simplified Chinese automatically while it should have selected the Traditional Chinese.

• Corrected an issue where the image upload file naming was not correct.

• Corrected an issue in application upgrade when using AXHttp.

• Corrected an issue with the description of the modifier in the text overlay.

• Corrected an issue with customhttpheader.cgi that could make the web GUI inaccessible.

• Corrected an issue that could cause the device to stop responding if the video processing system was stopped unexpectedly..
  Applies to: AXIS I7010-VE, AXIS I7020, AXIS I8116-E, AXIS M1055-L, AXIS M1075-L, AXIS M2035-LE, AXIS M2036-LE, AXIS M3085-V, AXIS M3086-V, AXIS M3088-V, AXIS M3125-LVE, AXIS M3126-LVE, AXIS M3128-LVE, AXIS M4215-LV/-V, AXIS M4216-LV/-V and AXIS M4218-LV/-V

• Corrected an issue where SIP calls using unicast was not working correctly.
  Applies to: AXIS C8110

• Removed the support for altering white light states through the the ONVIF API.
  Applies to: AXIS Q1656-DLE, AXIS Q8615-E,AXIS Q8752-E

• Corrected an issue where the incorrect MAC address was shown.
  Applies to: AXIS Q1808-LE

• Corrected a focusing issue.
  Applies to: AXIS Q6315-LE and AXIS Q6318-LE

• Corrected an issue where the camera could move out of control if it received multiple rapid preset calls.
  Applies to: AXIS Q8752-E

• Corrected an intermittent issue with low image quality and bitrate in RTSP-streams, when using Zipstream in combination with PTZ commands.
  Applies to: All products based on AXIS ARTPEC-7 and AXIS ARTPEC-8 with PTZ support.

• Increased the minimum size of a viewarea to the same size as the smallest video streaming resolution when adding a new viewarea.
  Applies to: All products based on AXIS ARTPEC-8 with viewarea support.

Release date: 2024-09-30 – 2024-10-21

Watch the release update YouTube video that summarises the highlights, or read through the full list of changes below.

Features for all products

• Implemented the IPv4 compliance i.e. AXIS OS devices no longer have default IP addresses. The Axis OS devices will use IP addresses either from a DHCP server or from a statically configured address. The devices will only revert to link-local addresses if an IP address conflict is detected or if a DHCP server is not available on the network. Go to the AXIS OS Knowledge base for more information on the IPv4 address transition.

• Added the Network.RTSPS.Ciphers VAPIX parameter to configure cryptographic ciphers for secure video streaming over SRTP/RTSPS.

• Changed the firewall default policy to "Allow" to prevent accidental lockouts when activating the firewall.

• Added the possibility to disable the anonymous access of Basic Device Info properties.

• Updated the default Content-Security-Policy (CSP) HTTP(S) header. Visit the AXIS OS Knowledge base for an overview of the default header configuration.

• Added support for selecting MQTT client status as a condition when creating event rules.

• Updated the look and feel of the web interface.

Cybersecurity updates

• Addressed CVE-2024-7784. For more information, please visit the Axis vulnerability management portal.
  Note that downgrading the product to an older AXIS OS version other than LTS 2024 version 11.11.109 or later as well as LTS 2020 version 10.12.225 or later, is not possible.
  Applies to: Products based on AXIS ARTPEC-8, I.MX 6SX, I.MX 6ULL, I.MX 8M-NANO, I.MX 8M-Mini and I.MX 8QP/M

• Addressed CVE-2024-6509 and CVE-2024-6979. For more information, please visit the Axis vulnerability management portal.

• Removed the root-privileged access to Axis products and ACAP applications indefinitely without the possibility to enable it. This change applies to the factory default settings as well as when upgrading to AXIS OS 12 from any previous version of AXIS OS. This has been communicated since May 2023, read the full guide for more information.

• Updated Apache to version 2.4.62, addressing CVE-2024-40725 and CVE-2024-40898.

• Updated cURL to version 8.9.1, addressing CVE-2024-8096.

• Updated OpenSSL to version 3.0.15, addressing CVE-2024-6119 and CVE-2024-5535.

• Updated OpenSSH to version 9.8p1, addressing CVE-2024-6387.

• Preconfigured the Axis device ID P-256 ECC client certificate for IEEE 802.1X. Previously, it was the RSA-2048 version.

• Updated the supported TLS versions for the SMTP client so only TLS 1.2 or higher is supported.

• Improved default security by removing the blow weak ciphers for TLS connections: DHE-RSA-AES128-GCM-SHA256 and DHE-RSA-AES256-GCM-SHA384.

Breaking changes

• Disabled the UPnP discovery protocol. It only applies for factory defaulted devices. It is possible to enable through the VAPIX API: Network.UPnP.Enabled. MDNS is the preferred way of discovering Axis devices on networks.

• Disabled HTTP Port 80 redirects, if the device is configured to HTTPS-only, to increase the overall device security.

• Removed the "IP-Filtering"-service and replaced by host-based firewall service, available since AXIS OS 11.8.

• Removed support for TLS 1.0/1.1 HTTPS connections to increase overall security level.

• Removed support for OpenSSL 1.1.1 which is replaced by OpenSSL 3. Read more on the Open Source library support in AXIS OS portal.

• Removed support for SMB 1.0 and 2.0 to increase overall cybersecurity level.

• Changed the object type from Bicycle to Bike in ONVIF metadata stream.

• Removed "tt:ClassDescriptor/tt:ClassCandidate" from Analytics Scene description. ONVIF recommends using "tt:ClassDescriptor/tt:Type".

• Removed the old web interface, also called “AXIS OS web version B”.

• Removed root-privileged access for ACAP applications. Please read the full guide for more information.

• Changed the behavior for ACAPs to abort post-installed script installation and return an error if it fails.

• Removed the libcapture library for ACAPs. Please use the Video capture API instead. For more information, visit the ACAP SDK Documentation.

• Removed the vaconfig.cgi VAPIX API since it is obsolete.

• Removed the getBrand.cgi VAPIX API. It is recommended to use the Basic Device Information VAPIX API instead, see more info in the VAPIX Library.

• Removed the axis-release/releaseinfo.cgi in VAPIX API. It is recommended to use the Basic Device Information VAPIX API instead, see more info in the VAPIX Library.

• Removed the lightcontrol webservice API and replaced by lightcontrol JSON API. Please see the VAPIX Library for more information.

• Removed the legacy overlays. The ability to create overlays through parameter.cgi is removed. For more information go to developer community.

• Changed the VAPIX Rate Control API to make it simpler. This was communicated earlier in developer community.

• Removed the unused functionality or parameters in privacymask.cgi and param.cgi, while those utilized in the previous version have been preserved. The following is emoved in privacymask.cgi: preview_on, preview_off, query list, query position, ptpolygon, imagerotation, imageresolution, zoomlowlimit. The following is removed in param.cgi: parameter Image.I[source].Overlay.MaskWindows.PtPolygon.

• Removed the basic analytics ACAP applications due to updates to the framework. Applies to Axis Basic Enter-Exit, Axis Basic Object Counter and Axis Basic Object Removed.
  Applies to: AXIS Q6074/-E, AXIS Q6075/-S/-SE and ExCam XPT Q6075

Analytics updates

• AXIS Object Analytics

• • Added Class/reason to all alarm scenarios events.

  • Updated Line Crossing for alarms events.

  • Improved detection algorithm for Artpec 7 cameras.

  • Added Beta Tag to Occupancy in Area for DLPU Fisheye Cameras.

  • Crossline Counting added to DLPU Fisheye Camera.

• Note that not all products support AXIS Object Analytics. Note that not all products support AXIS Object Analytics. For more information on compatible products and features, visit the AXIS Object Analytics.

• AXIS License Plate Verifier

• • Improved stability and memory optimization.

  • Improved on state recognition for USA number plates where stuck letters such as FT or LR could affect the state recognition of the plate.

  • Improved the libraries for Austrian number plates.

  • Added support for Singapore license plates.

  • Added support for the new license plate prefix region MUC for German license plates.

  • Corrected an issue with too many descriptor files open in buffered events.

  • Corrected an issue for Push Events, wrong value in the Lost event in Unicode filed (umlauts).

  • Corrected an issue when saving sensitivity setting value. - Corrected an issue when camera switches between day and night mode.

  • Corrected an issue when the default HTTP/HTTPS port is changed on the camera.

  • Corrected an issue with the Test button under Push Events, where test events were not received by AXIS Camera Station.

• AXIS Perimeter Defender

• • Version 3.6.0 or higher is required.

  • AXIS Perimeter Defender 3.5.1 and earlier versions are not compatible with AXIS OS 12.0 or higher.

  • How to upgrade: Before upgrading to AXIS OS 12.0 or higher, ensure that AXIS Perimeter Defender is upgraded to version 3.6.0 or higher.

  • If you upgrade a camera running AXIS Perimeter Defender 3.5.1 or earlier to AXIS OS 12.0, the application will not be available. However, a simple rollback to the previous version of AXIS OS will restore the application without any loss of configuration.

• AXIS Image Health Analytics is added as pre-installed application.
  Applies to: AXIS M3215-LVE, AXIS M3216-LVE, AXIS P1465-LE, AXIS P1465-LE-3, AXIS P1467-LE, AXIS P1468-LE, P3265-V/-LV/-LVE, AXIS P3267-LV/-LVE, AXIS P3268-LV/-LVE/-SLVE, AXIS Q1656/-B/-BE/-BLE/-DLE/-LE, AXIS Q1805-LE, AXIS Q1806-LE, AXIS Q1808-LE, AXIS Q3536-LVE, AXIS Q3538-LVE/-SLVE, AXIS Q3626-VE and AXIS Q3628-VE

Product specific features

• AXIS Audio Manager Edge: Added the possibility to randomize a delay when the intervals of an event starts.
  Added the targets API endpoint that makes it possible to get online/offline status of devices.
  Applies to: AXIS C1110-E, AXIS C1111-E, AXIS C1210-E, AXIS C1211-E, AXIS 1510, AXIS C1511, AXIS C1610-VE, AXIS C8110 , AXIS C8210and AXIS XC1311

• Changed the indicated LED from green to off during normal operation.
  Applies to: AXIS C1110-E, AXIS C1111-E, AXIS C1210-E, AXIS C1211-E, AXIS C1310-E Mk II, AXIS C1410 Mk II, AXIS C1510, AXIS C1511, AXIS C1610-VE, AXIS C6110 and AXIS XC1311

• Added support for audio multicast controller to enable users to specify a set of multicast sources to listen to and to prioritize them.
  Applies to: AXIS I7010-VE, AXIS I8016-LVE and AXIS I8116-E

• Improved analytics capabilities when wall mounted.
  Applies to: AXIS M4317-PLR/-PLVE, AXIS M4318-PLR/-PLVE, AXIS M4327-P and AXIS M4328-P

• Added the event configuration pages in the web interface for more configuration options. A warning is shown when existing rules are changed.
  Applies to: AXIS S3008, AXIS S3008 Mk II and AXIS S3016

• Increased support for up to 50 audio clips.
  Applies to: AXIS V5925 and AXIS V5938

• Added wiper support to NTCIP and the possibility to enable clear-view on selected products with speed dry functionality.
  Applies to: AXIS Q1656-BE/-BLE/-LE, AXIS Q6135-LE, AXIS Q6225-LE, AXIS Q6315-LE and AXIS Q8752-E

• Added the possibility to enable the disabled switchport.
  Applies to: AXIS Q1805-LE, AXIS Q1806-LE, AXIS Q1808-LE and AXIS Q1809-LE

Release date: 2024-10-21

Corrections

• Corrected an issue where SSH and network share users were removed after upgrade.

• Corrected an issue where live stream not working correctly when connected through RTSPS.
  Applies to: AXIS A8207-VE Mk II, AXIS I7010-VE, AXIS I8016-LVE and AXIS I8116-E

Release date: 2024-10-10

Corrections

• Improved stability when set to wall mode.
  Applies to: AXIS M4308-PLE

Release date: 2024-10-07

Corrections

• Improved the number of false alarms for static scenes in Axis Object Analytics.
  Applies to: AXIS F9104-B, AXIS F9111, AXIS F9114/-B, AXIS P5654-E, AXIS P5654-E Mk II, AXIS P5655-E, AXIS P5676-LE, AXIS Q6074/-E, AXIS Q6075/-E/-S/-SE, AXIS Q6078-E, AXIS Q6135-LE, AXIS Q6225-LE, AXIS Q6315-LE, AXIS Q6318-LE, AXIS Q8615-E, D201-S XPT Q6075 and ExCam XPT Q6075

Release date: 2024-09-30

New products

• AXIS M3125-LVE

• AXIS M3126-LVE

• AXIS M3128-LVE

• AXIS Q1686-DLE

Corrections

• AXIS Audio Manager Edge: Corrected an issue where streaming from Royal Streaming was not working correctly.

• AXIS Audio Manager Pro: Limitation: To support AXIS OS 12 and higher, an upgrade to AXIS Audio Manager Pro version 4.6.1 or higher is required.

• Corrected an issue where scenario names were not the same between MQTT and AXIS Object Analytics.

• Corrected an issue with time and date format when testing to send email to recipient.

• Corrected an issue where it was not possible to enable DST using root.Time.DST.Enabled.

• Corrected an issue with malformed XML data in the metadata stream.

• Corrected an issue with virtual inputs.
  Applies to: AXIS A8207-VE, AXIS A8207-VE Mk II, AXIS I7010-VE, AXIS I8016-LVE and AXIS I8116-E

• Corrected an issue where not all special characters could be used when adding a new source.
  Applies to: AXIS D1110

• Corrected an issue to be able to set the focus through VAPIX API.
  Applies to: AXIS M5526-E

• Corrected an issue where it was not possible to upgrade from AXIS OS version 8.20 or older.
  Applies to: AXIS A8207-VE Mk II, AXIS FA51, AXIS FA51-B, AXIS FA54, ExCam XF Q1785, XF40-Q1785 and XPQ1785

• Corrected an issue where AXIS TU8003 was not working correctly.
  Applies to: AXIS P3735-PLE, AXIS P3737-PLE and AXIS P3738-PLE

• Corrected an issue where the product could become unavailable over the network after a reboot or a firmware upgrade.
  Applies to: AXIS S3016

• Corrected an issue with radar stream orientation when the camera video stream was rotated.
  Limitation: The radar video stream will always match the camera rotation. If the camera stream is rotated, the radar live view will rotate as well.
  Improved radar pairing function stability and introducing automatic reconnect if the connection between the radar and camera drops.
  Applies to: AXIS D2210-VE and AXIS P1465-LE-3

• Improved radar crossline metadata event with additional parameters like the object ID, object class and speed.
  Applies to: AXIS D2110-VE, AXIS D2210-VE and AXIS Q1656-DLE

• Corrected an issue which caused timestamps of analytics scene description frames to be out of sync with the video.
  Improved radar speed measurement accuracy when road monitoring profile is used in installations where road signs can be the cause for reflections.
  Applies to: AXIS Q1656-DLE

• Corrected an issue where audio was not being transmitted correctly over HDMI.
  Applies to: AXIS Q1715

Support phase: 2024 – 2029-12-31

Go to Products on LTS 2024 - 11.11 for a list of products on this track.

Release date: 2024-10-28

Corrections

• Corrected an issue with playing profiles with durations, ensuring consistent behavior for light and sound effects.
  Applies to: AXIS D4100-E

• Corrected an issue that caused devices to stop sending video to the VMS after a restart.
  Corrected an issue that could cause the device to stop responding if the video processing system was stopped unexpectedly.
  Applies to: AXIS M1075–L

• Corrected an issue where recording stopped after upgrade if global proxy was set on the recorder.
  Corrected a issue where SSH and network share users were removed after an upgrade.
  Applies to: AXIS S3008. AXIS S3008 MK IIand AXIS S3016

Release date: 2024-10-11

Corrections

• Corrected an issue with virtual inputs.
  Applies to: AXIS A8207-VE, AXIS A8207-VE Mk II, AXIS I7010-VE, AXIS I8016-LVE and AXIS I8116-E

Release date: 2024-10-11

Cybersecurity updates

• Updated cURL to version 8.10.1.

• Updated OpenSSL to version 3.0.15, addressing CVE-2024-6119 and CVE-2024-5535

• Updated OpenSSL to version 1.1.1za, addressing CVE-2024-5535.

• Addressed CVE-2024-8160. This CVE will be externally disclosed on 26 November 2024, as part of our ongoing commitment to cybersecurity. Detailed information will follow then. For more information, please visit the Axis vulnerability management portal.

• Updated expat (libexpat1) to version 2.6.2, addressing CVE-2024-45490, CVE-2024-45491 and CVE-2024-45492.

• Updated h2 servers, addressing RUSTSEC-2024-0332.

• Updated libxml2 to version 2.12.8, addressing CVE-2024-34459.

• Updated ncurses (libtinfo5), addressing CVE-2023-45918.

• Updated ncurses (libncursesw5), addressing CVE-2023-50495.

• Improved stability and reliability of the certificate management service.

Analytics updates

• AXIS Object Analytics

• • Improved the number of false alarms for static scenes in Axis Object Analytics.
    Applies to: D201-S XPT Q6075, ExCam XPT Q6075, AXIS F9104-B Main Unit, AXIS F9111 Main Unit, AXIS F9114/-B Main unit,AXIS P3245-LV/-LVE, AXIS P5654-E/-E Mk II, AXIS P5655-E, AXIS P5676-LE, AXIS Q1951-E, AXIS Q1952-E, AXIS Q6074/-E, AXIS Q6075/-E/-S/-SE, AXIS Q6078-E, AXIS Q6135-LE, AXIS Q6225-LE, AXIS Q6315-LE, AXIS Q6318-LE and AXIS Q8615-E

Note that not all products support AXIS Object Analytics. Note that not all products support AXIS Object Analytics. For more information on compatible products and features, visit the AXIS Object Analytics.

Corrections

• Corrected an issue with malformed XML data in the metadata stream.

• Corrected an issue where it was not possible to enable DST using root.Time.DST.Enabled.

• Increased the possible maximum length of the MQTT overlay key.

• Changed the indicated LED from green to off during normal operation.
  Applies to: AXIS C1110-E, AXIS C1111-E, AXIS C1210-E, AXIS C1211-E, AXIS C1310-E Mk II, AXIS C1410 Mk II, AXIS C1510, AXIS C1511, AXISC1610-VE and AXIS XC1311

• Improved system stability by resolving memory leaks in audio service during RTSP connection openings and closures, reducing the risk of crashes.
  Applies to: AXIS C1110-E, AXIS C1111-E, AXIS C1310-E, AXIS C1310-E Mk II, AXIS C1410, AXIS C1410 Mk II, AXIS C1610-VE, AXIS C8110, AXIS C8210 and AXIS XC1311

• Corrected an issue where the camera stopped streaming and web GUI became inaccessible.
  Applies to: AXIS M3085-V, AXIS M3088-V, AXIS M4215-LV, AXIS M4215-V, AXIS M4218-LV and AXIS M4218-V

• Corrected an issue which caused timestamps of analytics scene description frames to be out of sync with the video.
  Applies to: AXIS Q1656-DLE and AXIS Q1686-DLE

• Corrected an issue with the video not being updated using the new web interface.
  Applies to: AXIS Q6215-LE

• Corrected an issue where the product could become unavailable over the network after a reboot or a firmware upgrade.
  Applies to: AXIS S3016

• Corrected an issue where the camera could move out of control if it received multiple rapid preset calls.
  Applies to: AXIS Q8752-E

Release date: 2024-09-10 – 2024-09-18

The first release of AXIS OS LTS 2024 is out. Watch the release update video that summarizes the highlights, or read through the complete list of changes below.

New products

• AXIS M3125-LVE

• AXIS M3126-LVE

• AXIS M3128-LVE

Features for all products

• Changed the firewall default policy to "Allow" to prevent accidental lockouts when activating the firewall.

• Added support for selecting MQTT client status as a condition when creating event rules.

Cybersecurity updates

• Updated Apache to version 2.4.62, addressing CVE-2024-40725 and CVE-2024-40898.

• Updated libssh2 to version 1.11.0, addressing CVE-2023-48795.

• Updated OpenSSH to version 9.8p1, addressing CVE-2024-6387.

• Addressed CVE-2024-6509 and CVE-2024-6979. For more information, please visit the Axis vulnerability management portal.

• Addressed CVE-2024-7784. For more information, please visit the Axis vulnerability management portal.
  Note that downgrading the product to an older AXIS OS version is not possible.
  Applies to: Products base on AXIS ARTPEC-8, I.MX 6SX,I.MX 6ULL,I.MX 8M-Mini, I.MX 8M-NANO and I.MX 8QP/M

Analytics updates

• AXIS License Plate Verifier 2.12.8

• • Improved stability and memory optimization.

  • Improved on state recognition for USA number plates where stuck letters such as FT or LR   could affect the state recognition of the plate.

  • Improved the libraries for Austrian number plates.

  • Added support for Singapore license plates.

  • Added support for the new license plate prefix region MUC for German license plates.

  • Corrected an issue with too many descriptor files open in buffered events.

  • Corrected an issue for Push Events, wrong value in the Lost event in Unicode filed (umlauts).

  • Corrected an issue when saving sensitivity setting value.

  • Corrected an issue when camera switches between day and night mode.

  • Corrected an issue when the default HTTP/HTTPS port is changed on the camera.

Product specific features

• AXIS Audio Manager Edge: Corrected an issue where streaming from Royal Streaming was not working correctly.

• Improved Radar pairing function stability and introducing automatic reconnect if the connection between the radar and camera drops.
  Applies to: AXIS D2210-VE, AXIS P1465-LE-3, AXIS P3265-LE-3 and AXIS Q1700-LE

Corrections

• Removed example private keys, previously intended for demonstration purposes only, to address security scanner findings.

• Corrected an issue where it was not possible to upgrade from AXIS OS version 8.20 or older.
  Applies to: Products based on AXIS ARTPEC-6

• Changed the indicated LED from green to off during normal operation.
  Applies to: AXIS C1110-E, AXIS C1111-E, AXIS C1210-E, AXIS C1211-E, AXIS C1310-E Mk II, AXIS C1410 Mk II, AXIS C1510, AXIS C1511, AXIS C1610-VE and AXIS XC1311

• Corrected an issue with radar stream orientation when the camera video stream was rotated.
  Limitation: The radar video stream will always match the camera rotation. If the camera stream is rotated, the radar live view will rotate as well.
  Applies to: AXIS D2110-VE, AXIS D2210-VE, AXIS P1465-LE-3, AXIS P3265-LE-3 and AXIS Q1700-LE

• Corrected an issue where AXIS TU8003 was not working correctly.
  Applies to: AXIS P3737-PLE, AXIS P3747-PLVE and AXIS P3748-PLVE

• Corrected an issue where a3dpc API did not work correctly from the DAX ACAP.
  Applies to: AXIS P8815-2

• Corrected an issue where recordings stopped working when global proxy was set on the recorder.
  Applies to: AXIS S3008, AXIS S3008 Mk II and AXIS S3016

• Corrected an issue where audio was not being transmitted correctly over HDMI.
  Applies to: AXIS Q1715

• Corrected an issue where the focus calibration did not work correctly in the web interface.
  Applies to: AXIS Q6010-E and AXIS Q6100-E

The following products will remain on LTS 2024, which means they will have this track as their final track and will not receive AXIS OS 12.

The following products will remain on LTS 2024, meaning they will have this track as their final track and will not receive AXIS OS 12. However, they will continue to receive Product-specific support (PSS) after the end of LTS 2024 until 2031-12-31.

If you're looking for release notes from earlier versions of AXIS OS 11 active track, you can find them here.

Support phase: 2022 – 2027-12-31

Go to Products on LTS 2022 - 10.12 for a list of products on this track.

Release notes for older versions of AXIS OS 10 can be found here.

Release date: 2024-10-13

Cybersecurity updates

• Addressed CVE-2024-8772. This CVE will be externally disclosed on 26 November 2024 as part of our ongoing commitment to cybersecurity. Detailed information will follow then. For more information, please visit the Axis vulnerability management portal.

• Addressed CVE-2023-21418. For more information, please visit the Axis vulnerability management portal.

• Updated libxml2, addressing CVE-2023-45322 and CVE-2024-25062.

• Updated busybox, addressing CVE-2022-48174.

• Updated zlib (libz1), addressing CVE-2023-45853.

• Restricted access to param.cgi so that only authorized administrators can configure privacy masks.

• Updated wpa-supplicant to version 2.11 to increase overall cybersecurity level.

• Corrected an issue with certificates, where the certificate name was used as the identity.

Corrections

• Corrected an issue where Client Stream Data showed wrong FPS as viewer.
  Limitation: FPS restriction is removed when adaptive stream is enabled for viewers.

• Corrected an issue where # in network sharing passwords was not supported.

• Corrected an issue where mounting network share with 'space' character in the name was not working correctly.

• Corrected an issue where network share recipient hostname with '-' character was not working correctly.

• Corrected a focus setting issue that prevented users from accessing certain functionalities, such as open iris to set focus, autofocus, and resetting functions, when using a DC iris with the camera.
  Applies to: AXIS P1375, AXIS P1377, AXIS P1378, AXIS Q1645, AXIS Q1645-LE, ExCam XF P1377, ExCam XF Q1645 and F101-A XF P1377

• Addressed unintended presence of Electronic Image Stabilization (EIS) settings in the web interface.
  Applies to: AXIS Q1659

Release date: 2024-10-11

Cybersecurity updates

• Updated cURL to version 8.10.1 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1za to increase overall cybersecurity level.

• Addressed CVE-2024-8160. This CVE will be externally disclosed on 26 November 2024, more detailed information will follow at that time. For more information, please visit the Axis vulnerability management portal.

• Addressed CVE-2024-45490, CVE-2024-45491 and CVE-2024-45492 in expat (libexpat1) version 2.6.2.

• Addressed CVE-2023-29491 and CVE-2023-50495 in ncurses (libncursesw5).

• Addressed CVE-2023-45918 in ncurses (libtinfo5).

• Improved stability and reliability of the certificate management service.

Corrections

• Corrected an issue where the camera could move out of control if it received multiple rapid preset calls.
  Applies to: AXIS Q8752-E

Release date: 2024-09–02

Cybersecurity updates

• Updated Apache to version 2.4.62 to increase overall cybersecurity level.

• Updated cURL to version 8.9.0 to increase overall cybersecurity level.

• Updated libssh2 to version 1.11.0 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1y to increase overall cybersecurity level.

• Updated OpenSSH to version 9.8p1 to increase overall cybersecurity level.

• Addressed a vulnerability allowing DHCPv6 lease injection through unvalidated input parameters.

• Removed example private keys, previously intended for demonstration purposes only, to address security scanner findings.

• Addressed CVE-2023-52160 in wpa-supplicant to increase overall minimum cybersecurity level.

• Addressed CVE-2024-0067, CVE-2024-6173, CVE-2024-6509. For more information, please visit the Axis vulnerability management portal .

• Addressed CVE-2024-7784. Please note that downgrading the product to an older AXIS OS version is not possible. For more information, please visit the Axis vulnerability management portal.
  Applies to: All products base on AXIS ARTPEC-8, I.MX 6SX,I.MX 6ULL, I.MX 8M-Mini, I.MX 8M-NANO and I.MX 8QP/M

Corrections

• Corrected an issue causing stream crashes via CGI input with invalid float values.
  Applies to:AXIS Q3515-LV/-LVE, AXIS Q3517-LV/-LVE/-SLVE and AXIS Q3527-LVE

• Corrected an issue that was preventing images from being successfully sent via SFTP.
  Applies to:AXIS Q6075-E and AXIS Q6135-LE

• Corrected an issue in the Event system where a faulty event topic filter could cause log messages to flood as well as prevent RTSP metadata streams from opening correctly.

• Corrected an issue with malformed XML data in the metadata stream.

Release date: 2024-06-17

Cybersecurity updates

• Updated Apache to version 2.4.59 to increase overall cybersecurity level.

Corrections

• Corrected an issue where SSH users who used ssh-copy-id to install their SSH key as authorized on the device would unintentionally still have SSH access after a factory default with keeping IP settings.

• Corrected memory problems for products utilizing AXIS O3C Dispatcher service.

• Corrected an issue where invalid data could crash the Remote Syslog cgi.

Release date: 2024-05-27

Cybersecurity updates

• Addressed CVE-2024-0066. For more information, please visit the Axis vulnerability management portal.

• Updated cURL to version 8.7.1 to increase overall cybersecurity level.

Corrections

• Corrected an issue where mounting network share with 'space' character in the name was not working correctly.

• The parameter RemoteService.ProxyPassword that controls the proxy password has been masked and made unreadable for security reasons.

• Improved stability of the WSDD (Web Services Dynamic Discovery) by addressing potential unexpected crashes.

• Added DNS cache for O3C client to reduce the DNS lookup.

• Corrected an issue causing gradual increase in Snapshot CGI response time.

• Corrected an issue where # in network sharing passwords was not supported.

• Addressed unintended presence of Electronic Image Stabilization (EIS) settings in the web interface.
  Applies to: AXIS Q1659

• Corrected an issue where IR light setting was not preserved after camera upgrades.
  Applies to: AXIS M3057-PLVE, AXIS M3058-PLVE, AXIS P1445-LE, AXIS P1445-LE-3, AXIS P1447-LE, AXIS P1448-LE, AXIS P3227-LV, AXIS P3227-LVE, AXIS P3228-LV, AXIS P3228-LVE, AXIS P3245-LV, AXIS P3245-LVE, AXIS P3717-PLE, AXIS P3719-PLE, AXIS Q1700-LE, AXIS Q1785-LE, AXIS Q1786-LE, AXIS Q3515-LV, AXIS Q3515-LVE, AXIS Q3517-LV, AXIS Q3517-LVE, AXIS Q3517-SLVE, AXIS Q3518-LVE, AXIS Q3527-LVE, and AXIS Q6215-LE

Release date: 2024-03-12

Cybersecurity updates

• Addressed CVE-2024-0055. For more information, please visit the Axis vulnerability management portal.

• Updated OpenSSL to version 1.1.1x to increase overall cybersecurity level.

• Updated cURL to version 8.6.0 to increase overall cybersecurity level.

Corrections

• Updated mDNS Responder Daemon (mDNSResponder) to version 2200.60.25.0.4, enhancing overall system stability.

• Updated time zone database version to 2024a.

• Corrected an issue where the camera did not return to the start position after being physically forced to pan.

• Extended the number of preset positions for the built-in Pelco driver from 32 to 100. Additionally, introduced a new config option in plain configuration (UserAdv parameter).

Release date: 2024–01–29

Cybersecurity updates

• Addressed CVE-2023-5800. For more information, please visit the Axis vulnerability management portal.

• Updated cURL to version 8.5.0 to increase overall cybersecurity level.

• Updated Apache to version 2.4.58 to increase the overall cybersecurity level.

Corrections

• Corrected an issue where it was not possible to add license if the ACAP uses semantic versioning.

• Corrected an issue causing slight waves/vibrations in the image.
  Applies to: AXIS Q6225-LE

• Addressed various stability issues in the SIP daemon.
  Applies to: AXIS A8207-VE, AXIS A8207-VE Mk II and AXIS I8016-LVE

Release date: 2023–11–09

Cybersecurity updates

• Addressed CVE-2023-21418. For more information, please visit the Axis vulnerability management portal.

• Addressed CVE-2023-4911. For more information, please visit the Axis vulnerability management portal.

• Addressed CVE-2023-5553. Note that downgrading the product to an older LTS 2022 version is not possible. For more information, please visit the Axis vulnerability management portal.
  Applies to: All products based on AXIS ARTPEC-8.

• Updated cURL to version 8.4.0 to increase overall cybersecurity level.

Corrections

• Corrected an issue preventing I/O notifications to be received from AXIS Companion mobile app.

• Corrected a Pan Tilt Zoom issue using Coaxitron driver.
  Applies to: AXIS P7304 and AXIS P7316

Release date: 2023–10-11

Cybersecurity updates

• Updated cURL to version 8.3.0 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1w to increase the overall cybersecurity level.

• Addressed CVE-2023-21414. Note that downgrading the product to an older LTS 2022 version is not possible except for Q3527-LVE that has support for 9.80 LTS. For more information, please visit the Axis vulnerability management portal.
  Applies to: AXIS A8207-VE Mk II, AXIS Q3527-LVE and all products based on AXIS ARTPEC-8

• Addressed CVE-2023-21415. For more information, please visit the Axis vulnerability management portal.

• Addressed CVE-2023-21417. For more information, please visit the Axis vulnerability management portal.

Corrections

• Corrected an issue where the Web interface was unintentionally modifying the timezone upon loading, even if the device had been previously configured outside of the Web interface.

• Corrected an issue where focus and zoom option was not available in the web interface.
  Applies to: AXIS P3245-LV/-LVE

• Radar track IDs now persist across reboots, preventing collisions with previous boots.
  Increased the maximum track ID limit significantly to prevent track ID repetition from prolonged radar detector usage.
  Applies to: AXIS D2050-VE

• Corrected an issue that caused slow-motion pattern playback when starting two light profiles simultaneously.
  Applies to: AXIS D4100-E

Release date: 2023–08-21

Features

• Added support for AXIS T6101/T6112 Mk II with the same audio and I/O functionality as when combined with AXIS T6101/T6112.
  Applies to: AXIS M3115-LVE, AXIS M3116-LVE, AXIS M3064-V, AXIS M3065-V, AXIS M3066-V and AXIS M3075-V

Cybersecurity updates

• Updated cURL to version 8.2.0 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1v to increase the overall cybersecurity level.

Corrections

• Corrected CVE-2023-21413. For more information, please visit the Axis vulnerability management portal.

• Added the possibility to Netd Service to preserve the static resolver configuration even after a soft restore, safeguarding static DNS/Search domain settings.

• Updated the mDNS Responder Daemon (mDNSResponder) to version 1790.80.10 to improve system stability.

• Corrected an issue with incorrect trigger of I/O ports, that occurs at upgrade if an AXIS T6101 or AXIS T6112 is connected to the device.
  Applies to: All products with support for AXIS T6101 and AXIS T6112

• Corrected microphone power type when the product is used in combination with AXIS T6101 audio module.
  Applies to: AXIS P3255-LVE

• Improved stability by addressing a potential memory leak in the remote camera control service.
  Applies to: AXIS P3818-PVE, AXIS Q3819-PVE, AXIS Q6010-E and AXIS Q6100-E

• Corrected an issue where manual focus was not working correctly via ONVIF command, if using third-party driver.
  Applies to: AXIS Q1656 and AXIS Q1656-B

• Corrected an issue with Orientation Aid ACAP to be able to move the compass bar correctly via ONVIF commands.
  Applies to: AXIS Q6135-LE and AXIS Q6315-LE

• Corrected an issue where wiper was not possible to run through ONVIF command.
  Applies to: AXIS Q8752-E

Release date: 2023–08-04

Corrections

• Corrected an issue that could bring the camera in an out of focus state. To activate the correction on affected units, an additional restart is required after the upgrade.
  Applies to: AXIS Q3536-LVE and AXIS Q3538-LVE

Release date: 2023–07-20

Features

• Improved SNMP Monitoring by adding support for the ipAddressTable OID.

• Updated AXIS License Plate Verifier to version 2.8.4.
  Applies to: AXIS P3245-LVE-3, AXIS P1455-LE-3 and AXIS P1445-LE-3

• • Corrected CVE-2023-21407, CVE-2023-21408, CVE-2023-21409, CVE-2023-21410, CVE-2023-21411, CVE-2023-21412. For more information, please visit the Axis vulnerability management portal.

  • Added extra polygons to the Area of Interest for a more flexible coverage of the area.

  • Added the possibility for 2N integration to select the type of event by direction, any, in or out which it can be send to 2N IP device.

  • Added the possibility to set image parameters according to the manual for none AXIS License Plate Verifier kit cameras.

  • Added the possibility to send two images with Push Event, one image will be the license plate crop and the other image will be the same frame as used to be saved with the event under Settings > Image > Save Full Frame.

  • Added a new VAPIX event ALPV.Update. This event will be triggered together with metadata for every updated event.

Corrections

• Corrected the focal length limits when using a CS-mount lens with DC-iris.
  Applies to: AXIS Q1647, AXIS Q1647-LE, AXIS Q1645, AXIS Q1645-LE and ExCam XF Q1645

Release date: 2023–06-19

Features

• Added support for more than 7 identical streams. The maximum identical streams is equal to the MaxViewers parameter value.

• Enhanced SNMP Monitoring: We resolved a missing TCP sub-tree OID issue in NET-SNMP by adding support for the SNMP TCP MIB object .1.3.6.1.2.1.6. This improvement ensures a smooth and uninterrupted SNMP monitoring experience.

• Improved UPnP compliance by updating the SSDP (Simple Service Discovery Protocol) SERVER header in the standard "OS/version UPnP/1.0 product/version" format and USN (Unique Service Name) field with a UUID in the standard format. This enhances consistency and compatibility.

• Added proxy configuration support to the Owner Authentication Key (OAK) cgi using group root.RemoteService, simplifying setup on networks requiring proxy servers for Internet access and improving the authentication process.

• Updated time zone database version to 2023c.

• Added support for Network speaker pairing (Edge-to-edge technology), enabling synchronization of audio playback.
  Applies to: AXIS Q6225-LE

Cybersecurity updates

• Updated Apache to version 2.4.57 to increase the overall cybersecurity level.

• Updated cURL to version 8.1.0 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1u to increase the overall cybersecurity level.

Corrections

• Corrected an issue with OAK (owner authentication key). It now only produces warnings in the log instead of errors if the device is not able to connect to the internet.

• Corrected an issue where sequence ID modifiers #s and #S were not displaying the expected values.

• Improved performance for video streams when using same configurations.

• Corrected an issue in VDO Api, related to orientation when rotation has been changed.

• Corrected an issue where ONVIF recordings resumed after factory default.

• Updated libupnp to version 1.14.16, fixing a memory leak and improving overall stability.

• Corrected a memory leak in the video service, resulting in improved stability for streaming videos.

• Improved the syslog system stability by fixing a memory leak.

• Corrected an issue where artifacts could appear in the image when WDR is enabled and panning and tilting between different lighting conditions.
  Applies to: AXIS Q6315-LE

• Improved system reliability. To ensure uninterrupted streaming, we have optimized the response time of requests and increased the MCU's IWDG timeout to prevent restarts caused by unreliable communication.
  Applies to: AXIS M3205-LVE and AXIS M3206-LVE

• Corrected a focus setting issue that prevented users from accessing certain functionalities, such as open iris to set focus, autofocus, and resetting functions, when using a DC iris with the camera.
  Applies to: AXIS P1375, AXIS P1377, AXIS P1378, AXIS Q1645, AXIS Q1645-LE, ExCam XF P1377, ExCam XF Q1645 and F101-A XF P1377

• Corrected CVE-2023-21405. For more information, please visit the Axis vulnerability management portal.
  Applies to: AXIS A8207-VE and AXIS A8207-VE Mk II

• Corrected an auto focus issue causing inaccurate coordinates on set focus window.
  Applies to: AXIS M5074, AXIS M5075/-G, AXIS P3245-LV/-LVE/-V/-VE, AXIS P3245-LVE-3, AXIS P3247-LV/-LVE, AXIS P3248-LV/-LVE, AXIS P3255-LVE, AXIS P5654-E, AXIS P5655-E, AXIS Q1700-LE, AXIS Q1715, AXIS Q1785/-LE, AXIS Q1786-LE, AXIS Q1798-LE, AXIS Q3515-LV/-LVE, AXIS Q3517-LV/-LVE/-SLVE, AXIS Q3518-LVE, AXIS Q3527-LVE, AXIS Q6135-LE, AXIS Q8752-E, ExCam XF Q1785, F101-A XF Q1785, XF40-Q1785 and XP40-Q1785

Release date: 2023–04–17

Features

• Updated cURL to version 8.0.1 to increase overall cybersecurity level.

• Updated Apache to version 2.4.56 to increase the overall cybersecurity level.

• Improved the manager client certificates and added support for installing multiple trust certificates and requesting/installing a second client certificate.

• Products with Hardware ID 971 only supports active track 11.4.52 and later, as well as LTS 2022 version 10.12.166 and later.
  The hardware ID can be found in Plain config > Properties > System > Hardware ID.
  Applies to: AXIS M5075-G

• Added detailed health information from SD cards to the server report, including power cycle statistics and flash wear rates. This improvement allows for a better monitoring of the system's health that can prevent downtime or data loss.

Corrections

• Corrected an issue in mDNS discovery that caused the reported port to be incorrect due to the network byte order not being properly handled. The correct port is now being printed.

• Improved network interface handling to prevent memory leaks and crashes by automatically restarting the web service discovery client daemon (wsdd) when network changes occur, ensuring uninterrupted service.

• Added fallback mode for network hardware that is limited to 10BASE-T and 100BASE-TX transmission.
  Applies to: All AXIS ARTPEC-7 products

• Corrected low-light image quality issues.
  Applies to: AXIS Q1700-LE, AXIS Q1785-LE, AXIS Q1786-LE, ExCam XF Q1785, F101-A XF Q1785, XF40-Q1785 and XP40-Q1785

• Corrected a focus setting issue that prevented users from accessing certain functionalities, such as open iris to set focus, autofocus, and resetting functions, when using a DC iris with the camera.
  Applies to: AXIS P1375, AXIS P1377, AXIS P1378, AXIS Q1645, AXIS Q1645-LE, ExCam XF P1377, ExCam XF Q1645 and F101-A XF P1377

• Corrected an issue where live view via HDMI could be accessed without setting a password. To enhance security, it is now mandatory to set up a password before being able to access live feed on a TV or monitor via HDMI.
  Applies to: AXIS V5925

Release date: 2023-02-20

Features

• Updated Apache to version 2.4.55 to increase the overall cybersecurity level.

• Updated OpenSSL to version 1.1.1t to increase overall cybersecurity level.

• Updated cURL to version 7.87.0 to increase overall cybersecurity level.

• The Security level for 'AutoRepair', 'FileSystem' and 'RequiredFileSystem' parameters has been lowered.

Corrections

• Disabled secure redirects from other network hosts net.ipv4.conf.all.secure_redirects & net.ipv4.conf.default.secure_redirects to increase overall minimum cybersecurity level.

• Corrected an issue where audio was not working correctly in the Companion and AXIS Camera Station iOS apps.
  Correction was also needed in the iOS apps, therefore requires iOS Companion version 7.11.14 or later, and iOS AXIS Camera Station 4.6.12 or later.
  Applies to: All products with audio out.

• Corrected an issue where is was not possible to install an application using manifest.json if an older application using package.conf was already installed.

• Corrected an issue affecting some O3C clients, that caused internal authentication requests to fail after a few days of uptime.

• Corrected an issue where it was not possible to save images using compression set to 10 or below to a network share when SMB 3.1.1 was used.

• Updated time zone database version to 2022g.

• Improved stability of syslog system by addressing a potential memory leak.

• Improved system stability during roll-back.

• Improved stability of the multicast DNS (mDNS) services.

• Corrected ONVIF reply for MaximumRetentionTime

• Corrected an issue with simultaneous PTZ Onvif requests.
  Applies to: All products with PTZ support.

• Corrected an issue where the IR led was turned off during the download of the server report.
  Applies to: AXIS Q6135-LE

• Corrected an IR-LED issue causing temperatures and image degradation in high ambient temperatures above 35°C, when IR light is activated at full power.
  Applies to: AXIS Q6318-LE

• Improved QuickZoom functionality to switch only during longer continuous zoom movements, ensuring smoother zoom experience with the mouse scroll wheel.
  Applies to: AXIS Q6135-LE and AXIS Q6318-LE

• Corrected an issue with focus being lost over time.
  Applies to: AXIS M3215-LVE, AXIS M3216-LVE, AXIS P1467-LE, AXIS P1468-LE, AXIS P3265-V/-LV/-LVE, AXIS P3267-LV/-LVE, AXIS P3268-LV/-LVE, AXIS P4705-PLVE, AXIS P4707-PLVE, AXIS Q1656/-B/-BE/-BLE/-LE, AXIS Q3536-LVE and AXIS Q3538-LVE

• Corrected an issue that caused pre-defined controls buttons to appear in the wrong place on the onscreen control panel.
  Applies to: All products with onscreen control support.

• Corrected an issue where autofocus needed to be re-applied when the ambient temperature changed.
  Applies to: AXIS P3265-V/-LV/-LVE, AXIS P3267-LV/-LVE, AXIS P3268-LV/-LVE, AXIS Q3536-LVE and AXIS Q3538-LVE

Release date: 2023–02–02

• Improved day/night switching stability. After upgrade a power off/on of the camera is required.
  Applies to: AXIS M3205-LVE and AXIS M3206-LVE

Release date: 2022-12-08

Features

• Products with Hardware 9A0.1, 9A0.2 and 9A0.3 only supports LTS 2022 version 10.12.135 and later.
  Products with hardware ID 7796, 7C3.1 and 7C3.2 support all AXIS OS versions.
  The hardware ID can be found in Plain config > Properties > System > Hardware ID.
  Applies to: AXIS P1375–E, AXIS P1377–LE and AXIS P1378–LE

Release date: 2022–12–05

Features

• Updated cURL to version 7.86.0 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1s to increase the overall cybersecurity level.

Corrections

• Corrected an issue where the metadata producer was disabled after upgrade when upgrading from AXIS OS 10.6 or 10.7 to 10.12.

• Corrected an issue that caused the wrong file size to be reported for recordings larger than 50MB when using FTP.

• Corrected an issue where ACAP application parameters were reset after AXIS OS upgrade.

• Corrected an issue to make it possible to create certificates with Common Name up to 64 characters.

• The vdo_stream_get_info capture API now returns the resulting channel.

• Corrected an issue with video streaming when using dynamic fps in Zipstream.
  Applies to: AXIS M3064-V, AXIS M3065-V, AXIS M3066-V, AXIS M3075-V, AXIS M3205-LV, AXIS M3206-LVE andAXIS Q9216-SLV

• Corrected an issue with broken image that could happen after start up.
  Applies to: AXIS M2035-LE andAXIS M2036-LE

• Corrected an issue where the Iris value was not shown when using Auto Iris.
  Applies to: AXIS V5925

• Corrected an issue which could cause audio clips not to play to completion.
  Applies to: AXIS Q6215-LE

• Corrected an issue that caused privacy masks to shift when using pan and tilt.
  Applies to: AXIS P1375

• Corrected an issue with loss of focus in wide infinity, that could occur after upgrading from 10.9.
  Applies to: AXIS P1448-LE

• Corrected an issue where the camera was not getting enough power when using certain POE switches.
  Applies to: AXIS Q6075 and ExCam XPT Q6075

Release date: 2022-11-03

Corrections

• Corrected an issue where upgrade from 10.9.4 to 10.12 was not possible.
  Applies to: AXIS P3265-LVE 22mm, AXIS 3267-LV/-LVE and AXIS P3268-LV/-LVE.

Release date: 2022-10–06

Features

• Updated cURL to version 7.85.0 to increase overall cybersecurity level.

• Added support for RFC8200 IPv6.

Corrections

• Corrected an issue to make it possible to create certificates with Common Name up to 64 characters.

• Corrected an issue that caused no video stream after upgrading from 9.80 LTS.
  Applies to: AXIS Q3527-LVE

• Improved the IR cut filter switching.
  Applies to: All products with IR cut filter.

• Corrected an issue where image processing could fail to work properly after 248 days of uptime.
  Applies to: AXIS Q1645/-LE and ExCam XF Q1645

• Corrected an issue where the new web interface was not showing streaming settings.
  Applies to: AXIS M2035-LE, AXIS M2036-LE, AXIS M3057-PLVE, AXIS M3058-PLVE, AXIS M3064-V, AXIS M3065-V, AXIS M3066-V, AXIS M3067-P, AXIS M3068-P, M3075-V, AXIS M3085-V, AXIS M3086-V, AXIS M3115-LVE, AXIS M3116-LVE, AXIS M3205-LVE, AXIS M3206-LVE, AXIS M4216–V/-LV, AXIS P3719-PLE

Limitations

• When upgrading AXIS OS from versions below 10.10.69 and metadata producers are used, the metadata producers must be enabled manually via System > Analytics metadata.

Release date: 2022-09-13

Features

• Updated cURL to version 7.84.0 to increase overall cybersecurity level.

• Added setting in Action rules for how many times an audio clip should be repeated when played.

• Products with hardware ID 998 only support active track 10.12.104 and later, as well as LTS 9.80.3.14 and later.
  Products with hardware ID 7CA support all AXIS OS versions.
  The hardware ID can be found in Plain config > Properties > System > HardwareID.
  Applies to: AXIS P3925-R

• Products with hardware ID 999 only support active track 10.12.104 and later, as well as LTS 9.80.3.14 and later.
  Products with hardware ID 7CC support all AXIS OS versions.
  The hardware ID can be found in Plain config > Properties > System > HardwareID.
  Applies to: AXIS P3925-LRE

• Products with hardware ID 99A.1 and 99A.2 only support active track 10.12.104 and later, as well as LTS 9.80.3.14 and later.
  Products with hardware ID 91A only support active track 10.10.69 and later, as well as LTS 2020 version 9.80.3.8.
  Products with hardware ID 7CC support all AXIS OS versions.
  The hardware ID can be found in Plain config > Properties > System > HardwareID.
  Applies to: AXIS P3935-LR

• Added the possibility to detect tailgating, if more than one person passes under a counter during a predefined time interval.
  Applies to: AXIS P8815-2.

Corrections

• Improved system stability.

• Corrected an issue that prevented the use of audio clips in action rules.
  Applies to: AXIS A8207-VE and AXIS A8207-VE Mk II

• Improved IR LED dimming algorithm.
  Applies to: AXIS Q3536-LVE and AXIS Q3538-LVE

• Corrected an issue to make WDR enabled as default.
  Applies to: AXIS M1135/-E Mk II and AXIS M1137/-E Mk II

• Corrected an issue where focus is lost over time.
  Applies to: AXIS P3727-PLE

• Corrected an issue in swaying object filters that made video stream flicker and metadata stream fail.
  Corrected an issue where ignore swaying objects was disabled after restart.
  Improved tracking at large angles.
  Improved general radar performance and stability.
  Applies to: AXIS D2110-VE

If you're looking for release notes from earlier versions of AXIS OS 10 active track, you can find them here.

Support phase: 2020 – 2025-12-31

Go to Products on LTS 2020 - 9.80 for a list of products on this track.

Release date: 2024-08–26

Cybersecurity updates

• Updated Apache to version 2.4.62 to increase overall cybersecurity level.

• Updated cURL to version 8.9.0 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1y to increase overall cybersecurity level.

• Updated OpenSSH to version 9.8p1 to increase overall cybersecurity level.

• Updated libssh2 to version 1.11.0 to increase overall cybersecurity level.

• Addressed CVE-2023-52160 in wpa-supplicant to increase overall minimum cybersecurity level.

• Addressed CVE-2024-0067, CVE-2024-6173, CVE-2024-6509. For more information, please visit the Axis vulnerability management portal.

Corrections

• Added DNS cache for O3C client to reduce the DNS lookup.

• Corrected an issue causing stream crashes via CGI input with invalid float values.
  Applies to: AXIS Q3515-LV/-LVE, AXIS Q3517-LV/-LVE/-SLVE and AXIS Q3527-LVE

Release date: 2024-06-17

Corrections

• Corrected an issue where SSH users who used ssh-copy-id to install their SSH key as authorized on the device would unintentionally still have SSH access after a factory default with keeping IP settings.

• Corrected memory problems for products utilizing AXIS O3C Dispatcher service.

Release date: 2024–05–28

Cybersecurity updates

• Addressed CVE-2024-0066. For more information, please visit the Axis vulnerability management portal.

• The parameter RemoteService.ProxyPassword that controls the proxy password has been masked and made unreadable for security reasons.

Release date: 2024–05–06

Cybersecurity updates

• Addressed CVE-2024-0054. For more information, please visit the Axis vulnerability management portal.

• Updated OpenSSH to version 9.6p1 to increase overall cybersecurity level.

• Updated cURL to version 8.7.1 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1x to increase overall cybersecurity level.

• Removed legacy overlay image CGIs i.e. create_overlay, overlay_set, overlay_del, overlay_image_formats, overlay_list.

Corrections

• Updated time zone database version to 2024a.

Release date: 2024–02–05

Cybersecurity updates

• Updated cURL to version 8.5.0 to increase overall cybersecurity level.

• Updated Apache to version 2.4.58 to increase the overall cybersecurity level.

• Addressed CVE-2023-5800. For more information, please visit the Axis vulnerability management portal.

Release date: 2023–11–01

Cybersecurity updates

• Updated cURL to version 8.4.0 to increase overall cybersecurity level.

Corrections

• Corrected CVE-2023-21417 and CVE‐2023‐21418.
  For more information, please visit the Axis vulnerability management portal.

• Corrected critical Kernel crashes for improved system stability.
  Applies to: AXIS M2026-LE Mk II, AXIS M3015, AXIS M3016, AXIS M3106-L/-LVE Mk II, AXIS Q6125-LE and ExCam XF M3016

Release date: 2023–10–13

Cybersecurity updates

• Updated cURL to version 8.3.0 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1w to increase the overall cybersecurity level.

Corrections

• Corrected CVE-2023-21415. For more information, please visit the Axis vulnerability management portal.

• Improved stability of the WSDD (Web Services Dynamic Discovery) by addressing a potential memory leak and crashes associated with network interface rebinding on network changes.

Release date: 2023–08–22

Cybersecurity updates

• Updated cURL to version 8.2.0 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1v to increase the overall cybersecurity level.

Corrections

• Added proxy configuration support to the Owner Authentication Key (OAK) cgi using group root.RemoteService, simplifying setup on networks requiring proxy servers for Internet access and improving the authentication process.

• Added the possibility to Netd Service to preserve the static resolver configuration even after a soft restore, safeguarding static DNS/Search domain settings.

• Improved stability of UPnP (Universal Plug and Play) service.

• Updated the mDNS Responder Daemon (mDNSResponder) to version 1790.80.10 to improve system stability.

• Improved stability of the syslog system by addressing a potential memory leak.

Release date: 2023–06–26

Features

• Improved UPnP compliance by updating the SSDP (Simple Service Discovery Protocol) SERVER header in the standard "OS/version UPnP/1.0 product/version" format and USN (Unique Service Name) field with a UUID in the standard format. This enhances consistency and compatibility.

• Updated time zone database version to 2023c.

Cybersecurity updates

• Updated Apache to version 2.4.57 to increase the overall cybersecurity level.

• Updated cURL to version 8.1.0 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1u to increase the overall cybersecurity level.

• Updated libupnp to version 1.14.16, solving a memory leak and improving overall stability.

Corrections

• Corrected an issue with OAK (owner authentication key). It now only produces warnings in the log instead of errors if the device is not able to connect to the internet.

• Improved the handling of SD card timeouts, ensuring that processes no longer hang for prolonged periods when a faulty SD card is detected.
  Applies to: All products with SD card support

Release date: 2023–04–24

Features

• Updated Apache to version 2.4.56 to increase the overall cybersecurity level.

• Updated cURL to version 8.0.1 to increase overall cybersecurity level.

• Improved the manager client certificates and added support for installing multiple trust certificates and requesting/installing a second client certificate.

• Products with Hardware 9A0.1, 9A0.2 and 9A0.3 only support active track version 11.2.53 and later, LTS 2022 version 10.12.135 and later, as well as LTS 2020 version 9.80.28 and later.
  Products with hardware ID 796, 7C3.1 and 7C3.2 support all AXIS OS versions.
  The hardware ID can be found in Plain config > Properties > System > Hardware ID.
  For more information, read the related FAQ.
  Applies to: AXIS P1375-E, AXIS P1377-LE and AXIS P1378-LE

Corrections

• Added detailed health information from SD cards to the server report, including power cycle statistics and flash wear rates. This improvement allows for a better monitoring of the system's health that can prevent downtime or data loss.

• Corrected low-light image quality issues.
  Applies to: AXIS Q1700-LE, AXIS Q1785-LE, AXIS Q1786-LE, ExCam XF Q1785, F101-A XF Q1785, XF40-Q1785 and XP40-Q1785

• Added fallback mode for network hardware that is limited to 10BASE-T and 100BASE-TX transmission.
  Applies to: All AXIS ARTPEC-7 products

• Corrected an issue where the "Turn on/off camera heater" option was appearing in the on-screen control dropdown, even though the product does not have a heater.
  Applies to: AXIS P1375-E, AXIS P1377-LE and AXIS P1378-LE

Release date: 2023-03-07

Features

• Updated Apache to version 2.4.55 to increase the overall cybersecurity level.

• Updated cURL to version 7.88.1 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1t to increase overall cybersecurity level.

• Updated time zone database version to 2022g.

• Receiving ICMP secure redirects from other network hosts are now disabled to increase overall minimum cyber security level.

Corrections

• Corrected an issue affecting some O3C clients, that caused internal authentication requests to fail after a few days of uptime.

• Improved stability of syslog system by addressing a potential memory leak.

• Improved stability of the PTZ VAPIX parser.
  Applies to: AXIS M3115-LVE and AXIS M3116-LVE

• Corrected an issue that caused privacy masks to remain the same size during zooming after a restart. The privacy masks will now adjust their size in relation to the rest of the image during zooming, which is the expected behavior.
  Applies to: AXIS Q1700-LE

• Corrected an issue with simultaneous PTZ ONVIF requests.
  Applies to: AXIS P5654-E, AXIS P5655-E, AXIS Q1700-LE, AXIS Q1785-LE, AXIS Q1786-LE, AXIS Q6010-E, AXIS Q6074/-E, AXIS Q6075/-E/-S, AXIS Q6125-LE, AXIS Q6215-LE, AXIS Q8641-E, AXIS Q8642-E, D201-S XPT Q6075, ExCam XF Q1785, ExCam XPT Q6075, F101-A XF Q1785, XF40-Q1785 and XP40-Q1785

Release date: 2022-12-15

Corrections

General improvements.

Release date: 2022-11-29

Features

• New versioning on AXIS OS LTS 2020. For more information, see AXIS OS versioning.

• Updated cURL to version 7.86.0 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1s to increase the overall cybersecurity level.

• Updated time zone database version to 2022d. This version has some common time zones, such as Europe/Amsterdam, Europe/Copenhagen, Europe/Oslo, Europe/Stockholm, and more, removed from the recommended list of time zones.

• Products with Hardware ID 9A1 only supports LTS 2020 version 9.80.10 and later.
  Products with hardware ID 756 supports all AXIS OS versions.
  The hardware ID can be found in Plain config > Properties > System > Hardware ID.
  Applies to: AXIS Q6215-LE

• Products with hardware ID 97A.1 and 97A.2 only support AXIS OS 10.12.73 and later, as well as LTS 2020 version 9.80.10 and later.
  Products with hardware ID 7CF.1 and 7CF.2 support all AXIS OS versions.
  The hardware ID can be found in Plain config > Properties > System > HardwareID.
  Applies to: AXIS Q6010-E

Corrections

• Corrected an issue that caused a wrong file size to be reported for recordings larger than 50MB when using FTP.

• Corrected an issue that prevented the possibility to change manual IR Illumination angle from the web interface.
  Applies to: AXIS Q1785-LE, AXIS Q1786-LE and AXIS Q1798-LE

• Corrected an issue that on rare occasions caused the image to show horizontal lines or an over-saturated image.
  Applies to: AXIS M3064-V, AXIS M3065-V, AXIS M3066-V, AXIS M3075-V, AXIS M3205-LVE, AXIS M3206-LVE and AXIS Q9216-SLV

Release date: 2022-09-12

Features

• Updated cURL to version 7.84.0 to increase overall cybersecurity level.

• Products with hardware ID 998 only support active track 10.12.104 and later, as well as LTS 9.80.3.14 and later.
  Products with hardware ID 7CA support all AXIS OS versions.
  The hardware ID can be found in Plain config > Properties > System > HardwareID.
  Applies to: AXIS P3925-R

• Products with hardware ID 999 only support active track 10.12.104 and later, as well as LTS 9.80.3.14 and later.
  Products with hardware ID 7CC support all AXIS OS versions.
  The hardware ID can be found in Plain config > Properties > System > HardwareID.
  Applies to: AXIS P3925-LRE

• Products with hardware ID 99A.1 and 99A.2 only support active track 10.12.104 and later, as well as LTS 9.80.3.14 and later.
  Products with hardware ID 91A only support active track 10.10.69 and later, as well as LTS 2020 version 9.80.3.8.
  Products with hardware ID 7CC support all AXIS OS versions.
  The hardware ID can be found in Plain config > Properties > System > HardwareID.
  Applies to: AXIS P3935-LR

Corrections

• Corrected an issue that caused audio via external VMS to stop working.

• Improved focus behavior after an upgrade.
  When upgrade is finished, perform also calibration System > Maintenance > Optics > Calibrate and autofocus Image > Autofocus.
  Applies to: AXIS P3245-LV/-LVE, AXIS P3247-LV/-LVE and AXIS P3248-LV/-LVE.

Release date: 2022-07-22

Features

• Updated Apache web server to version 2.4.54 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1q to increase overall cybersecurity level.

• Updated cURL to version 7.83.1 to increase overall cybersecurity level.

• Products with hardware ID 991 and 992 only support active track 10.11.87 and later, as well as LTS track 9.80.3.13 and later.
  Products with hardware ID 7BD and 7C0 support all AXIS OS versions.
  The hardware ID can be found in Plain config > Properties > System > HardwareID.
  Applies to: AXIS M3067-P and AXIS M3068-P

• Products with hardware ID 993.1, 993.2, 994.1 and 994.2 only support active track 10.11.89 and later, as well as LTS track 9.80.3.13 and later.
  Products with hardware ID 985.1, 985.2, 986.1 and 986.2 only support active track 10.11.85 and later, as well as LTS track 9.80.3.13 and later.
  Products with hardware ID 956.1, 956.2, 956.3 and 956.4 only support active track 10.8.3 and later, as well as LTS track 9.80.3.9 and later.
  Products with hardware ID 91E.1, 91E.2, 91F.1 and 91F.2 only support active track 10.4.0 and later, as well as LTS track 9.80.3.1 and later.
  Products with hardware ID 7BE.1, 7BE.2, 7BF.1 and 7BF.2 support all AXIS OS versions.
  The hardware ID can be found in Plain config > Properties > System > HardwareID.
  Applies to: AXIS P3247-LV/-LVE and AXIS P3248-LV/-LVE

• Products with hardware ID 990 only support active track 10.12.65 and later, as well as LTS track 9.80.3.13 and later.
  Products with hardware ID 7AF support all AXIS OS versions.
  The hardware ID can be found in Plain config > Properties > System > HardwareID.
  Applies to: AXIS Q1798-LE

• Products with hardware ID 981 and 982 only support active track version 10.11.85 and later, as well as LTS track 9.80.3.13 and later.
  Products with hardware ID 7BB and 7BC support all AXIS OS versions.
  The hardware ID can be found in Plain config > Properties > System > HardwareID.
  Applies to: AXIS M3115-LVE and AXIS M3116-LVE

• Products with hardware ID 98E.1, 98E.2, 98E.3, 98D.1, 98D.2 and 98D.3 only support active track 10.12.65 and later, as well as LTS track 9.80.3.13 and later.
  Products with hardware ID 795, 796, 7C2.1, 7C2.2, 7C3.1 and 7C3.2 support all AXIS OS versions.
  The hardware ID can be found in Plain config > Properties > System > HardwareID.
  For more information, read the related FAQ.
  Applies to: AXIS P1375/-E, AXIS P1377/-LE, AXIS P1378/-LE, F101-A XF P1377 and ExCam XF P1377

• Products with hardware ID 983.1 an 983.2 only support AXIS OS 10.11.85 and later, as well as LTS track 9.80.3.13 and later.
  Products with hardware ID 90F.1 and 90F.2 support AXIS OS versions from 10.3.01 and LTS versions from 9.80.3.1.
  Products with hardware ID 79E.1 and 79E.2 support all AXIS OS versions.
  The hardware ID can be found in Plain config > Properties > System > HardwareID.
  Applies to: AXIS P3245-V/-VE

• Products with hardware ID 984.1 and 984.2 only support active track 10.11.85 and later, as well as LTS track 9.80.3.13 and later.
  Products with hardware ID 910.1 and 910.2 only support active track 10.3.0.1 and later, as well as LTS track 9.80.3.1 and later.
  Products with hardware ID 79F.1, 79F.2, 79F.3 and 79F.4 support all AXIS OS versions.
  The hardware ID can be found in Plain config > Properties > System > HardwareID.
  Applies to: AXIS P3245-LV/-LVE

• Products with hardware ID 987.1, 987.2, 988.1, 988.2, 989.1, 989.2, 98A.1, 98A.2, 98B.1 and 98B.2 only support active track 10.11.87 and later, as well as LTS track 9.80.3.13 and later.
  Products with hardware ID 917.1, 917.2, 918.1, 918.2, 914.1, 914.2, 915.1, 915.2, 916.1 and 916.2 support AXIS OS version 10.6.5 and later, and as well as LTS track 9.80.3.4 and later.
  Products with hardware ID 7D9.1, 7D9.2, 7DA.1, 7DA.2, 7B0, 7B1, 7FA.1 and 7FA.2 support all AXIS OS versions.
  The hardware ID can be found in Plain config > Properties > System > HardwareID.
  Applies to: AXIS Q6074/-E, AXIS Q6075/-E, D201-S XPT Q6075 and ExCam XPT Q6075

Corrections

• ONVIF recordings are now continued automatically after disruptions.

Release date: 2022-06-09

Features and corrections

• Updated OpenSSL to version 1.1.1o to increase the overall cybersecurity level.

• General improvements to the LTS 2020 platform.

• Corrected an issue that would cause the AXIS OS upgrade to fail on rare occasions.

• Corrected CVE-2018-25032.

Release date: 2022-05-09 (to be rolled out within 3 weeks of release date)

Features

• Updated OpenSSL to version 1.1.1n to increase overall minimum cybersecurity level.

• Updated Apache to version 2.4.53 to increase overall cybersecurity level.

• Updated wpa-supplicant to version 2.10 to increase overall minimum cybersecurity level.

Corrections

• General improvements to the LTS 2020 platform.

• Receiving ICMP redirects from other network hosts is now disabled to increase overall minimum cybersecurity level.

• Updated the certificate management API's to handle camera models that do not support Real-Time Streaming Protocol over SSL (RTSPS).

• Corrected CVE-2021-29462.

• Corrected CVE-2021-33910.

• Improved memory management in the network services daemon.

• On some units focus might drift over time. Lens control has been improved to reduce this type of issues. Calibrate and autofocus the camera after upgrade.
  Applies to: AXIS P3245-V/-VE/-LV/-LVE

Release date: 2022-03-16

Features

• Updated OpenSSL to version 1.1.1m to increase overall cybersecurity level.

• Updated Apache to version 2.4.52 to increase overall cybersecurity level.

Corrections

• Improved HDMI video output.
  Applies to: AXIS M3065-V, AXIS M3066-V and AXIS M3075-V

• Corrected an issue that caused the send images event to stop uploading towards an FTP server when the filename included a space (" ").

• Corrected CVE-2020-13848.

• Corrected an issue that prevented the Axis device to stream a 3rd unique video stream in rare conditions.
  Applies to: AXIS Q6125-LE

• Improved handling of empty recordings.

• Support for a new audio codec - ADAU1361 - has been added.
  Applies to: AXIS P3935-LR

• Corrected an issue that caused the IR-cut filter to get stuck halfway.
  Applies to: AXIS P3925-R/-LRE and AXIS P3935-LR

Release date: 2022-02-01

Only for AXIS P3245-LV/-LVE, AXIS P3247-LV/-LVE and AXIS P3248-LV/-LVE.

Features

• Updated Apache to version 2.4.52 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1m to increase the overall cybersecurity level.

• Products with hardware ID 956.x only support 10.8.3 and later, as well as 9.80.3.9 on LTS 2020.
  Products with hardware ID 91E.x and 91F.x support 10.4.0 and later, as well as LTS 2020 9.80.3.1 and later.
  Products with hardware ID 7BE.x and 7BF.x support all AXIS OS versions.
  The hardware ID can be found in Plain config > Properties > System > HardwareID.

Corrections

• Corrected an issue that caused the send images event to stop uploading towards an FTP server when the filename included a space (" ").

• Corrected CVE-2020-13848.

Release date: 2021-12-20

Features

• Updated Apache to version 2.4.51 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1l to increase overall cybersecurity level.

• Updated cURL to version 7.79.1 to increase overall cybersecurity level.

• Support for a new audio codec - ADAU1361 - has been added. Products with hardware ID 91A will now support the new codec. The hardware ID can be found via Plain config > Properties > System > HardwareID
  Applies to: AXIS P3935-LR

Corrections

• General improvements to the LTS 2020 platform.

• Corrected an issue that caused active recordings to be restarted when adding a new recording rule.

• Improved system stability of the Network Services.

• The remote syslog configuration is now preserved during a AXIS OS update within the same track.

• Corrected an issue that caused overlay text flickers when used in conjunction with an event triggered by the recording ongoing condition.

• Adjusted the default tilt to range between 0 to -180 degrees.
  Applies to: AXIS Q6074-E

• Improved response time of the I/O port monitoring cgi /axis-cgi/io/input.cgi?monitor=1.
  Applies to: AXIS D2050-VE, AXIS FA54, AXIS P1364/-E, AXIS P1365/-E Mk II, AXIS P1367/-E, AXIS P1368-E, AXIS P5655-E, AXIS Q1615/-LE Mk II, AXIS Q1645/-LE, AXIS Q1647/-LE, AXIS Q1659, AXIS Q1700-LE, AXIS Q1785-LE, AXIS Q1786-LE, AXIS Q1798-LE, AXIS Q1941-E, AXIS Q1942-E, AXIS Q3515-LV/-LVE, AXIS Q3517-LV/-LVE/-SLVE, AXIS Q3518-LVE, AXIS Q3527-LVE, AXIS Q6074, AXIS Q6075, AXIS Q6075-S/-SE, AXIS Q8641-E, AXIS Q8642-E, ExCam XF Q1645, ExCam XF Q1785, F101-A XF Q1785, XP40-Q1785 and XP40-Q1942

• Corrected CVE-2021-3658.
  Applies to: AXIS Companion Cube LW, AXIS Companion Dome WV, AXIS M1045-LW, AXIS M1065-LW, AXIS M3044-WV and AXIS M3045-WV

• Improved stability of the imaging processing to prevent crashes during darkness.
  Applies to: AXIS Companion Dome V

• Corrected an issue that could cause 'transmit.cgi' to close the connection prematurely when transmitting audio to the camera.
  Applies to: AXIS Companion Bullet LE, AXIS Companion Cube L/-LW, AXIS Companion Dome V/-WV, AXIS Companion Eye L, AXIS Companion Bullet mini LE, AXIS Companion Dome mini LE, AXIS Companion Eye mini L, AXIS Companion Recorder, AXIS D2050-VE, AXIS FA54, AXIS M1045-LW, AXIS M1065-L/-LW, AXIS M1124/-E, AXIS M1125/-E, AXIS M1134, AXIS M1135/-E, AXIS M1137/-E, AXIS M2025-LE, AXIS M2026-LE, AXIS M2026-LE Mk II, AXIS M3015, AXIS M3016, AXIS M3044-V/-WV, AXIS M3045-V/-WV, AXIS M3046-V, AXIS P9106-V, AXIS M3057-PLVE, AXIS M3058-PLVE, AXIS M3064-V, AXIS M3065-V, AXIS M3066-V, AXIS M3075-V, AXIS M3067-P, AXIS M3068-P, AXIS M3104-L/-LVE, AXIS M3105-L/-LVE, AXIS M3106-L/-LVE, AXIS M3106-L/-LVE Mk II, AXIS M3115-LVE, AXIS M3116-LVE, AXIS M3205-LVE, AXIS M3206-LVE, AXIS P1244, AXIS P1245, AXIS P1254, AXIS P1264, AXIS P1265, AXIS P1275, AXIS P1280-E, AXIS P1290-E, AXIS P1364/-E, AXIS P1365/-E Mk II, AXIS P1367/-E, AXIS P1368-E, AXIS P1375/-E, AXIS P1377/-LE, AXIS P1378/-LE, AXIS P1435-E, AXIS P1435-LE, AXIS P1445-LE, AXIS P1445-LE-3, AXIS P1447-LE, AXIS P1448-LE, AXIS P3224-V/-VE/-LV/-LVE Mk II, P3225-V/-VE/-LV/-LVE Mk II, AXIS P3227-LV/-LVE, AXIS P3228-LV/-LE, AXIS P3235-LV/-LVE, AXIS P3245-V/-VE/-LV/-LVE, AXIS P3247-LV/-LVE, AXIS P3248-LV/-LVE, AXIS P3374-V/-LV, AXIS P3375-V/-VE/-LV/-LVE, AXIS P3717-PLE, AXIS P3807-PVE, AXIS P3925-R/-LRE, AXIS P3935-LR, AXIS P5654-E, AXIS P5655-E, AXIS Q1615/-LE Mk II, AXIS Q1645/-LE, AXIS Q1647/-LE, AXIS Q1659, AXIS Q1700-LE, AXIS Q1785-LE, AXIS Q1786-LE, AXIS Q1798-LE, AXIS Q1941-E, AXIS Q1941-E PT Mount, AXIS Q1942-E, AXIS Q1942-E PT Mount, AXIS Q3515-LV/-LVE, AXIS Q3517-LV/-LVE/-SLVE, AXIS Q3518-LVE, AXIS Q3527-LVE, AXIS Q3615-VE, AXIS Q3617-VE, AXIS Q6010-E, AXIS Q6074/-E, AXIS Q6075/-E/-S/-SE, AXIS Q6125-LE, AXIS Q6215-LE, AXIS Q8641-E, AXIS Q8642-E, AXIS Q9216-SLV, ExCam XF Q1645, ExCam XF Q1785, F101-A XF Q1785, XP40-Q1785 and XP40-Q1942

• Corrected an issue in the temperature controller that caused warnings in the logs after a factory reset.
  Applies to: AXIS P3245-V/-VE

• Updated the header for H.265 streams to not include delay information to avoid that some video clients may mistake it for B-frames.
  Applies to: AXIS M1134, AXIS M1135/-E, AXIS M1137/-E, AXIS M3067-P, AXIS M3068-P, AXIS M3115-LVE, AXIS M3116-LVE, AXIS P1375/-E, AXIS P1377/-LE, AXIS P1378/-LE, AXIS P3245-V/-VE/-LV/-LVE, AXIS P3247-LV/-LVE, AXIS P3247-LVE/-LVE, AXIS P3925-R/-LRE, AXIS P3935-LR, AXIS P5654-E, AXIS P5655-E, AXIS Q1798-LE, AXIS Q6074/-E and AXIS Q6075/-E/-S/-SE

• Corrected an issue where the camera sometimes did not recover from night mode. Please power off/on the camera after upgrade for this correction to take effect.
  Applies to: AXIS M3205-LVE and AXIS M3206-LVE

Release date: 2021-09-07 (to be rolled out within three weeks of release date)

Features

• Updated Apache to version 2.4.48 to increase overall cybersecurity level.

• Updated cURL to version 7.78.0 to increase overall cybersecurity level.

Corrections

• The porttest-cgi is not used and is now removed from the platform.

• Corrected an issue that could cause an RTSP stream to stop after 60+ seconds if streamed to an openRTSP client.

• Corrected an issue that interrupted the NTP-time-sync between the Axis device and NTP-server when the NTP-server was unstable and suffered fluctuating time-changes.

• Made sure audio and video frames are grouped correctly in exportrecording.cgi.

• Corrected the following CVEs:

• • CVE-2021-31988

  • CVE-2021-31987

  • CVE-2021-31986

  • CVE-2021-27219

  • CVE-2021-27218

  • CVE-2020-26558

• Corrected an issue that prevented the mute signal to be properly transmitted to the audio controller.
  Applies to: AXIS Companion Cube L/-LW and AXIS M1065-L/-LW

Release date: 2021-06-29

Only for AXIS Q6074/-E, AXIS Q6075/-E, D201-S XPT Q6075 and ExCam XPT Q6075.

Features and corrections

• General improvements to the LTS 2020 platform.

• Products with hardware ID 918, 917, 916, 915 and 914 only support 10.6.5 and later, or 9.80.3.4 and later on LTS 2020.
  Products with hardware ID 7D9, 7DA, 7B0, 7B1 and 7FA support all AXIS OS versions.
  The hardware ID can be found in Plain config > Properties > System > HardwareID.

Release date: 2021-06-28 (to be rolled out within three weeks of release date)

Features

• Updated OpenSSH to version 8.6p1 to increase the overall minimum cyber security level.

• Added support for dynamic power allocation via Link Layer Discovery Protocol (LLDP) in addition to PoE-class based power allocation. This allows the switch to allocate less power to the camera and potentially a greater number of PoE devices can be connected to the switch. LLDP can be enabled in Settings > System > PlainConfig > Network > LLDP POE > LLDP Send Max PoE.
  Applies to: AXIS M3115-LVE and AXIS M3116-LVE

Corrections

• Corrected an issue that did not account for MTU packet fragmentation for IEEE 802.1x authentication. Previously the Axis device was not able to authenticate properly against an 802.1x network when the MTU was configured to 1410 or lower.

• Corrected an issue that prevented the device to stream in always-multicast mode after the video stream processing was restarted.

• Extended the 802.1x EAP-Identity field character limit from 32 to 128 characters.

• Increased the number of characters allowed in the name of an Action Event Condition, from 80 to 512.

• Corrected an issue that caused already established secure connections such as HTTPS or One-Click Cloud Connections to be interrupted.
  Applies to: AXIS Q6074/-E and AXIS Q6075/-E/-S

• Corrected an issue that caused distorted images in cropped corridor mode.
  Applies to: AXIS D2050-VE, AXIS FA54, AXIS M3057-PLVE, AXIS M3058, AXIS P1367/-E, AXIS P1368-E, AXIS P1445-LE, AXIS P1445-LE-3, AXIS P1447-LE, AXIS P1448-LE, AXIS P3227-LV/-LVE, AXIS P3228-LV/-LVE, AXIS P3717-PLE, AXIS P3807-PVE, AXIS Q1645/-LE, AXIS Q1647/-LE, AXIS Q1659, AXIS Q1700-LE, AXIS Q1785-LE, AXIS Q1786-LE, AXIS Q3515-LV/-LVE, AXIS Q3517-LV/-LVE/-SLVE, AXIS Q3518-LVE, AXIS Q3527-LVE, AXIS Q6215-LE, ExCam XF Q1785, F101-A Q1785 and XP40-Q1785

Go to Products on PSS 8.40 for a list of products on this track.

Release date: 2024-09-10

Cybersecurity updates

• Updated Apache to version 2.4.62 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1y to increase overall cybersecurity level.

• Updated OpenSSH to version 9.8p1 to increase overall cybersecurity level.

• Updated cURL to version 8.9.0 to increase overall cybersecurity level.

• Updated libssh2 to version 1.11.0 to increase overall cybersecurity level.

• Updated Nettle cryptographic library to version 3.6 to increase overall cybersecurity level.

• Addressed vulnerability allowing unauthorized command execution via param.cgi.

• Addressed a vulnerability allowing DHCPv6 lease injection through unvalidated input parameters.

• Addressed vulnerabilities in GnuTLS: CVE-2024-28834 and CVE-2024-28835.

• Addressed CVE-2023-52160 in wpa-supplicant to increase overall minimum cybersecurity level.

• Addressed CVE-2024-0067, CVE-2024-6173, CVE-2024-6509. For more information, please visit the Axis vulnerability management portal.

Corrections

• Resolved an issue where SSH users could retain access after a factory default with kept IP settings.

• Corrected a stream crash caused by invalid float values in CGI input.

• Implemented DNS cache for O3C client to reduce DNS lookups.

Release date: 2024-05-29

Cybersecurity updates

• Addressed CVE-2024-0066. For more information, please visit the Axis vulnerability management portal.

• The parameter RemoteService.ProxyPassword that controls the proxy password has been masked and made unreadable for security reasons.

Release date: 2024-03-04

Cybersecurity updates

• Addressed CVE-2024-0054. For more information, please visit the Axis vulnerability management portal.

• Addressed CVE-2023-5800. For more information, please visit the Axis vulnerability management portal.

• Updated OpenSSL to version 1.1.1x to increase overall cybersecurity level.

• Updated OpenSSH to version 9.6p1 to increase overall cybersecurity level.

• Updated Apache to version 2.4.58 to increase overall cybersecurity level.

Release date: 2023–11–01

Cybersecurity updates

• Updated cURL to version 8.4.0 to increase overall cybersecurity level.

Corrections

• Corrected CVE‐2023‐21418. For more information, please visit the Axis vulnerability management portal.

Release date: 2023–10–09

Cybersecurity updates

• Updated cURL to version 8.3.0 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1w to increase the overall cybersecurity level.

Corrections

• Corrected CVE‐2023‐21415. For more information, please visit the Axis vulnerability management portal.

Release date: 2023–09–05

Cybersecurity updates

• Updated cURL to version 8.2.0 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1v to increase the overall cybersecurity level.

Corrections

• Netd Service preserves the static resolver configuration even after a soft restore, safeguarding static DNS/Search domain settings.

Release date: 2023–06–26

Features

• Improved UPnP compliance by updating the SSDP (Simple Service Discovery Protocol) SERVER header in the standard "OS/version UPnP/1.0 product/version" format and USN (Unique Service Name) field with a UUID in the standard format. This enhances consistency and compatibility.

Cybersecurity updates

• Updated Apache to version 2.4.57 to increase the overall cybersecurity level.

• Updated cURL to version 8.1.0 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1u to increase the overall cybersecurity level.

• Updated libupnp to version 1.14.16, solving a memory leak and improving overall stability.

Corrections

• Corrected an issue with OAK (owner authentication key). It now only produces warnings in the log instead of errors if the device is not able to connect to the internet.

Release date: 2023–04–26

Features

• Updated Apache to version 2.4.56 to increase the overall cybersecurity level.

• Updated cURL to version 8.0.1 to increase overall cybersecurity level.

• Improved the manager client certificates and added support for installing multiple trust certificates and requesting/installing a second client certificate.

Release date: 2023-03-13

Features

• Updated Apache to version 2.4.55 to increase the overall cybersecurity level.

• Updated cURL to version 7.88.1 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1t to increase overall cybersecurity level.

• Receiving ICMP secure redirects from other network hosts are now disabled to increase overall minimum cyber security level.

Corrections

• Corrected an issue affecting some O3C clients, that caused internal authentication requests to fail after a few days of uptime.

• Improved stability of syslog system by addressing a potential memory leak.

• Corrected an issue with the audio transmit function where the response to /axis- cgi/audio/transmit.cgi is returning a '400 Bad Request' error.
  Applies to: All products with audio support

• Corrected an issue with simultaneous PTZ ONVIF requests.
  Applies to: AXIS P5514-E, AXIS P5515, AXIS M5525-E, AXIS P5624-E Mk II, AXIS P5635-E Mk II, AXIS Q1785-LE, AXIS Q1786-LE, AXIS Q6052/-E, AXIS Q6054/-E, AXIS Q6054/-E Mk II, AXIS Q6054/-E Mk III, AXIS Q6055/-E/-C/-S, AXIS Q6124-E, AXIS Q6125-LEAXIS Q8641-E, AXIS Q8642-E, D201-S XPT Q6055 and ExCam XPT Q6055

Release date: 2022-12-12

Features

• New versioning on AXIS OS LTS 2018. For more information, see AXIS OS versioning.

• Updated OpenSSL to version 1.1.1s to increase the overall cybersecurity level.

• Updated cURL to version 7.86.0 to increase overall cybersecurity level.

Corrections

• Corrected an issue that caused a wrong file size to be reported for recordings larger than 50MB when using FTP.

• Corrected an issue that prevented streaming in always-multicast mode when the device was started without network connection.

• Corrected an issue in the bootloader that prevented upgrade to AXIS OS LTS 2020 - 9.80.
  Applies to: AXIS P1435-E/-LE, AXIS P3904-R Mk II and AXIS P3905-R Mk II

• Increase the number of audio files for pre-configured sounds from 10 to 50.
  Applies to: AXIS M5525-E

Release date: 2022-10-18

Features and corrections

• Updated cURL to version 7.85.0 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1q to increase the overall cybersecurity.

Corrections

• General improvements to the LTS-2018 platform.

• Corrected an issue that caused audio via external VMS to stop working.

• Improved wide zoom (optical zoom 1x) Autofocus quality during night time conditions.
  Applies to: AXIS Q6155-E and AXIS Q6154-E

Release date: 2022-07-21

Features

• Updated Apache web server to version 2.4.54 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1p to increase overall cybersecurity level.

• Updated cURL to version 7.83.1 to increase overall cybersecurity level.

Corrections

• Corrected an issue where the time tooltip was not displaying the correct date after passing midnight. Also, the date in the recordings list and the export was sometimes 1 day off.

• Corrected an issue where 802.1X would not trust the intermediate certificate authority (CA).

• Corrected an issue that caused time-out while reading boot block parameters.

Release date: 2022-05-18 (to be rolled out within 3 weeks of release date)

Features

• Updated Apache to version 2.4.53 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1o to increase the overall cybersecurity level.

• Updated wpa-supplicant to version 2.10 to increase overall minimum cybersecurity level.

Corrections

• General improvements to the LTS 2018 platform.

• Receiving ICMP redirects from other network hosts is now disabled to increase overall minimum cybersecurity level.

• Improved memory management in the network services daemon.

• Corrected an issue that caused the send images event to stop uploading towards a FTP server when the filename included a space (" ").

• Corrected CVE-2018-25032.

Release date: 2022-01-24 (to be rolled out within 3 weeks of release date)

Features

• Updated Apache to version 2.4.52 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1m to increase overall cybersecurity level.

• Updated cURL to version 7.79.1 to increase overall cybersecurity level.

Corretions

• The remote syslog configuration is now preserved during a AXIS OS update within the same track.

• Improved handling of empty recordings.

• Corrected an issue that prevented AXIS OS upgrade from LTS 2016 (6.50).

• Corrected CVE-2021-3658.
  Applies to: AXIS Companion Cube LW, AXIS M1045-LW, AXIS M1065-LW, AXIS M3044-WV and AXIS M3045-W

• Improved stability of the imaging processing to prevent crashes in some darkness conditions.
  Applies to: AXIS Companion Dome V

• Corrected an issue that could cause 'transmit.cgi' to close connection prematurely when transmitting audio to the camera.
  Applies to: AXIS Companion Cube L/-LW, AXIS FA54, AXIS M1065-L/-LW, AXIS P1364/-E, AXIS P1365/-E Mk II, AXIS P1367/-E, AXIS P1368-E, AXIS P1445-LE, AXIS P1445-LE-3, AXIS P1447-LE, AXIS P1448-LE, AXIS P3235-LV/-LVE, AXIS P3374-V/-LV, AXIS P3375-V/-VE/-LV/-LVE, AXIS Q1615/-E Mk II, AXIS Q1645/-LE, AXIS Q1647/-LE, AXIS Q1659, AXIS Q1785-LE, AXIS Q1786-LE, AXIS Q1941-E, AXIS Q1942-E, AXIS Q3515-LV/-LVE, AXIS Q3517-LV/-LVE/-SLVE, AXIS Q3518-LVE, ExCam XF Q1645 and XP40-Q1942

Release date: 2021-10-04 (to be rolled out within 3 weeks of release date)

Features

• Updated Apache to version 2.4.48 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1l to increase overall cyber security level.

• Updated cURL to version 7.78.0 to increase overall cybersecurity level.

• Updated OpenSSH to version 8.6p1 to increase the overall minimum cybersecurity level.

Corrections

• Corrected an issue that in combination with some VMSes and low resolution could cause brief disconnections in the video stream.

• Improved memory management in the network services daemon.

• Improved memory management in the DHCP lease update daemon.

• Corrected an issue that prevented the Axis device to respond with "HTTP 403 Forbidden" when the source-ip address was blocked when using PreventDOSAttack in Plain Config > System. Previously "HTTP 401 Unauthorized" was returned.

• Corrected nice names for the PreventDoSAttack parameters in Settings > System > Plain Config > System > PreventDoSAttack.

• Corrected an issue that did not account for MTU packet fragmentation for IEEE 802.1x authentication. Previously the Axis device was not able to authenticate properly against an 802.1x network when the MTU was configured to 1410 or lower.

• Corrected an issue that prevented streaming in always-multicast mode on rare occasions.

• Extended the 802.1x EAP-Identity field character limit from 32 to 128 characters.

• Corrected an issue that interrupted the NTP-time-sync between the Axis device and NTP-server when the NTP-server was unstable and suffered fluctuating time-changes.

• Corrected an issue that could cause an RTSP stream to stop after 60+ seconds if streamed to an openRTSP client.

• Corrected the following CVE:s

• • CVE-2021-31988

  • CVE-2021-31987

  • CVE-2021-31986

  • CVE-2021-27219

  • CVE-2021-27218

  • CVE-2020-26558
    Affected products: AXIS M1045-LW, AXIS M1065-LW, AXIS M3045-WV, AXIS M3044-WV, AXIS Companion Cube LW and AXIS Companion Dome WV

  • CVE-2019-12450

• Corrected an issue that caused images to be unusually dark when using WDR mode.
  Applies to: AXIS Companion Bullet LE, AXIS Companion Eye L/-LVE, AXIS M1124/-E, AXIS M1125/-E, AXIS M2025-LE, AXIS M3104-L/-LVE, AXIS M3105-L/-LVE, AXIS P1244, AXIS P1245, AXIS P1254, AXIS P1264, AXIS P1265, AXIS P1275, AXIS P1280-E, AXIS P1290-E, AXIS P1364/-E, AXIS P1365/-E Mk II, AXIS P1435-E/-LE, AXIS P3224-V/-VE/-LV/-LVE Mk II, AXIS P3225-V/-VE/-LV/-LVE Mk II, AXIS P3235-LV/-LVE, AXIS P3374-V/-LV, AXIS P3375-V/-VE/-LV/-LVE, AXIS Q1615/-E Mk II, AXIS Q1941-E, AXIS Q1941-E PT Mount, AXIS Q1942-E, AXIS Q1942-E PT Mount, AXIS Q3615-VE, AXIS Q3617-VE, AXIS Q6154-E, AXIS Q8641-E, AXIS Q8642-E and XP40-Q1942

• Corrected an issue that caused installation of ACAP using packagemanager.cgi to fail.
  Applies to: AXIS M3045-V

• Improved system stability when streaming multiple video streams at the same time.
  Applies to: AXIS FA54

• Improved stability in recording management.
  Applies to: AXIS Companion Cube L/-LW,AXIS Companion Dome V/-WV, AXIS M1045-LW, AXIS M1065-L/-LW, AXIS M2026-LE, AXIS M3044-V/-WV, AXIS M3045-V/-WV, AXIS M3046-V, AXIS P9106-V, AXIS M3106-L/-LVE

Release date: 2021-04-19 (to be rolled out within 3 weeks of release date)

Features

• Updated OpenSSL to version 1.1.1k to fix CVE-2021-3449 and CVE-2021-3450.

• Updated cURL to version 7.73.0 to increase overall cybersecurity level.

Corrections

• Improved Link Layer Discovery Protocol (LLDP) system stability.

• Corrected an issue that caused IEEE 802.1x network authentication to fail sometimes after unexpected reboots.

• Corrected an issue in oak.cgi that could cause invalid requests.

• Corrected an issue that caused the value of Quality of Service (QoS) to not be respected in always multicast mode.

• Corrected an issue that caused PKCS#12-formatted certificate uploads to fail when certain special characters were used as a password.

• Corrected an issue that caused video clients to not display a low-FPS video stream due to missing base FPS info in VUI timing info.
  Applies to: AXIS FA54, AXIS M3057-PLVE, AXIS M3058-PLVE, AXIS P1367/-E, AXIS P1368-E, AXIS P1445-LE, AXIS P1445-LE-3, AXIS P1447-LE, AXIS P1448-LE, AXIS P3227-LV/-LVE, AXIS P3228-LV/-LVE, AXIS Q1645/-LE, AXIS Q1647/-LE, AXIS Q1659, AXIS Q1785-LE, AXIS Q1786-LE, AXIS Q3515-LV/-LVE, AXIS Q3517-LV/-LVE/-SLVE and AXIS Q3518-LVE

• Corrected an issue that could cause live image to blink in dark conditions on rare occasions.
  Applies to: AXIS FA54, AXIS M3057-PLVE, AXIS M3058-PLVE, AXIS P1367/-E, AXIS P1368-E, AXIS P1445-LE, AXIS P1445-LE-3, AXIS P1447-LE, AXIS P1448-LE, AXIS P3227-LV/-LVE, AXIS P3228-LV/-LVE, AXIS Q1645/-LE, AXIS Q1647/-LE, AXIS Q1659, AXIS Q1785-LE, AXIS Q1786-LE, AXIS Q3515-LV/-LVE, AXIS Q3517-LV/-LVE/-SLVE and AXIS Q3518-LVE

• Corrected an issue with pause-frame handling that could cause network disconnections if pause-frames were enabled and used in the network.
  Applies to: AXIS FA54, AXIS M3057-PLVE, AXIS M3058-PLVE, AXIS P1367/-E, AXIS P1368-E, AXIS P1445-LE, AXIS P1445-LE-3, AXIS P1447-LE, AXIS P1448-LE, AXIS P3227-LV/-LVE, AXIS P3228-LV/-LVE, AXIS Q1645/-LE, AXIS Q1647/-LE, AXIS Q1659, AXIS Q1785-LE, AXIS Q1786-LE, AXIS Q3515-LV/-LVE, AXIS Q3517-LV/-LVE/-SLVE and AXIS Q3518-LVE

• Corrected an issue that prevented the device to utilize the available network bandwidth in high-latency networks such as 4G cellular network.
  Applies to: AXIS FA54, AXIS M3057-PLVE, AXIS M3058-PLVE, AXIS P1367/-E, AXIS P1368-E, AXIS P1445-LE, AXIS P1445-LE-3, AXIS P1447-LE, AXIS P1448-LE, AXIS P3227-LV/-LVE, AXIS P3228-LV/-LVE, AXIS Q1645/-LE, AXIS Q1647/-LE, AXIS Q1659, AXIS Q1785-LE, AXIS Q1786-LE, AXIS Q3515-LV/-LVE, AXIS Q3517-LV/-LVE/-SLVE and AXIS Q3518-LVE

Release date: 2020-11-16 (to be rolled out within 3 weeks of release date)

Features

• Updated Apache to version 2.4.46 to increase overall cybersecurity level.

• Added support for HTTP Strict Transport Security (HSTS) when using HTTPS.

• Reduced time to build-up an RTSP video stream by 30% and more.

Corrections

• Corrected an issue that caused an error message to pop up when pressing the test button of an event using HTTP recipients.

• Corrected an issue that caused distorted H.265 streams on rare occasions.
  Applies to: AXIS M2026-LE Mk II, AXIS M3015, AXIS M3016, and AXIS M3106-L/-LVE Mk II

• Corrected an issue that could cause image to shake when Electronic Image Stabilization (EIS) was activated during high zoom (x32) operations.
  Applies to: AXIS Q1785-LE and AXIS Q1786-LE

Go to Products on PSS 6.50 for a list of products that will continue to receive updates.
The list will be modified over time as the expiry date of the products varies, and it is only valid for the latest release.
Although supported products are planned to receive updates twice a year, they will receive security patches whenever it is deemed necessary.

Release date: 2024-11-13

Cybersecurity updates

• Updated cURL to version 8.10.1 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1za, addressing CVE-2024-5535.

• Updated OpenSSH to version 9.8p1, addressing CVE-2024-6387.

• Updated Apache to version 2.4.62, addressing CVE-2024-40725 and CVE-2024-40898.

• Updated libssh2 to version 1.11.0, addressing CVE-2023-48795.

• Addressed CVE-2023-52160 in wpa-supplicant to increase overall minimum cybersecurity level.

• Addressed CVE-2024-47257. This CVE will be externally disclosed on 26 November 2024 as part of our ongoing commitment to cybersecurity. Detailed information will follow then. For more information, please visit the Axis vulnerability management portal.

• Improved certificate management service stability and reliability.

Corrections

• Corrected issue with SSH user access after factory default with kept IP settings.

• Added DNS cache for O3C client to reduce DNS lookup times.

Release date: 2024-05-28

Cybersecurity updates

• Addressed CVE-2024-0066. For more information, please visit the Axis vulnerability management portal.

• Updated cURL to version 8.7.1 to increase overall cybersecurity level.

• Updated OpenSSH to version 9.6p1 to increase overall cybersecurity level.

Release date: 2024-03-19

Cybersecurity updates

• Updated cURL to version 8.6.0 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1x to increase overall cybersecurity level.

Release date: 2024-01-29

Cybersecurity updates

• Updated Apache to version 2.4.58 to increase the overall cybersecurity level.

Corrections

• Netd Service now preserves the static resolver configuration even after a soft reset, protecting static DNS/Search domain settings.

Release date: 2023-11-08

Cybersecurity updates

• Updated cURL to version 8.4.0 to increase overall cybersecurity level.

• Addressed CVE-2023-21418. For more information, please visit the Axis vulnerability management portal.

Release date: 2023-10-19

Cybersecurity updates

• Updated cURL to version 8.3.0 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1w to increase the overall cybersecurity level.

Corrections

• Corrected CVE-2023-21415. For more information, please visit the Axis vulnerability management portal.

Release date: 2023-08-28

Cybersecurity updates

• Updated cURL to version 8.2.0 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1v to increase the overall cybersecurity level.

Corrections

• Resolved an issue where the respawn daemon incorrectly managed restarts for ACAP services, notably in situations with multiple acaps running simultaneously.

Release date: 2023-08-02

Features

• General improvements to the platform.

Cybersecurity updates

• Added proxy configuration support to the Owner Authentication Key (OAK) cgi using group root.RemoteService, simplifying setup on networks requiring proxy servers for Internet access and improving the authentication process.

• Updated Apache to version 2.4.57 to increase the overall cybersecurity level.

• Updated OpenSSL to version 1.1.1u to increase the overall cybersecurity level.

Release date: 2023-05-29

Features

• Updated Apache to version 2.4.56 to increase the overall cybersecurity level.

• Updated cURL to version 8.0.1 to increase overall cybersecurity level.

• Added support for a second client certificate.

Release date: 2023-04-04

Features

• Updated Apache to version 2.4.55 to increase the overall cybersecurity level.

• Updated OpenSSL to version 1.1.1t to increase overall cybersecurity level.

• Updated cURL to version 7.88.1 to increase overall cybersecurity level.

Corrections

• Corrected an issue affecting some O3C clients, that caused internal authentication requests to fail after a few days of uptime.

Release date: 2023-02-09

Corrections

• Disabled secure redirects from other network hosts net.ipv4.conf.all.secure_redirects & net.ipv4.conf.default.secure_redirects, to increase overall minimum cybersecurity level.

• Corrected a restart issue caused by tilting the PTZ camera to 90 degrees. The issue was introduced in version 6.50.5.5 and 6.50.5.6.
  Applies to: AXIS Q6128-E

• Corrected an issue with the audio transmit function where the response to /axis- cgi/audio/transmit.cgi is returning a '400 Bad Request' error.
  Applies to: All products with audio support

Release date: 2022-12-19

Features and corrections

• Updated Apache to version 2.4.54 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1s to increase the overall cybersecurity level.

• Updated cURL to version 7.86.0 to increase overall cybersecurity level.

• Corrected an issue that caused audio via external VMS to stop working.

• Corrected an issue that caused the wrong file size to be reported for recordings larger than 50MB when using FTP.

• Corrected an issue where 802.1X would not trust the intermediate certificate authority (CA).

Release date: 2022-05-11 (to be rolled out within three weeks of release date)

Features

• Updated OpenSSL to version 1.1.1o to increase overall cybersecurity level.

• Updated Apache to version 2.4.53 to increase overall cybersecurity level.

• Updated cURL to version 7.79.1 to increase overall cybersecurity level.

• Updated wpa-supplicant to version 2.10 to increase overall minimum cybersecurity level.

Corrections

• General improvements to the LTS 2016 platform.

• Receiving ICMP redirects from other network hosts is now disabled to increase overall minimum cybersecurity level.

• Improved handling of empty recordings.

• Corrected an issue with uploading RSA certificate with PKCS#8 formatted private keys.

• Corrected an issue that caused the send images event to stop uploading towards an FTP server when the filename included a space (" ").

• Corrected an issue with file permission when using disk encryption

• Corrected an issue that caused ONVIF AbsoluteMove commands to return a 500 Internal Server Error.

• Corrected CVE-2021-29462.

• Corrected CVE-2020-13848.

• Corrected CVE-2019-15916.

Release date: 2021-10-25 (to be rolled out within three weeks of release date)

Features

• Updated Apache to version 2.4.48 to increase overall cybersecurity level.

• Updated OpenSSH to version 8.6p1 to increase the overall minimum cybersecurity level.

• Updated cURL to version 7.78.0 to increase overall cybersecurity level.

• Updated OpenSSL to version 1.1.1l to increase overall minimum cybersecurity level.

Corrections

• Corrected the following CVEs:

• • CVE-2021-31988

  • CVE-2021-31987

  • CVE-2021-31986

  • CVE-2021-27219

  • CVE-2021-27218

  • CVE-2019-12450

• Corrected an issue that caused video clients such as VLC to not display a low-FPS video stream due to missing base FPS info in VUI timing info.

Release date: 2021-05-17 (to be rolled out within three weeks of release date)

Features

• Updated OpenSSL to version 1.1.1k to fix CVE-2021-3449 and CVE-2021-3450.

Corrections

• Corrected an issue that caused the value of Quality of Service (QoS) to not be respected in always multicast mode.

Release date: 2020-11-09 (to be rolled out within three weeks of release date)

Features

• Updated Apache to version 2.4.46 to increase overall cyber security level.

Corrections

• Corrected an issue that caused a test button in the web interface to not work when mounting network-attached atorage (NAS) configured with SMB v3.

• Added a sensitivity parameter for tampering detection in PlainConfig that can now be adjusted by the user.
  Applies to: AXIS P1244, AXIS P1245, AXIS P1254, AXIS P1264, AXIS P1265, AXIS P1275, AXIS P1364/-E, AXIS P1365/-E Mk II and AXIS P1435-E/-LE

• Corrected an issue that caused a failure to send images with action rules to email recipients.
  Applies to: AXIS P1244, AXIS P1245, AXIS P1254, AXIS P1264, AXIS P1265, AXIS P1275, AXIS P1364/-E, AXIS P1365/-E Mk II and AXIS P1435-E/-LE

Features or corrections are sometimes applied to a group of products based on the system-on-chip (SoC). These groups are listed below and are sometimes referenced in the release notes.

For more information, visit System-on-chip .

The product groups below are based on the active track and the available LTS tracks.

From March 2024, the following products will not receive any more releases since the hardware warranty and software maintenance period have expired.

The following products will continue to receive releases until the hardware warranty and software maintenance period expire.

The following products will have the later LTS tracks. Please upgrade to the latest version to increase the cybersecurity.

The following products will not receive any more releases since the hardware warranty and software maintenance period have expired.

The following product will continue to receive releases until the hardware warranty and software maintenance period expire.