Search criteria
3690 vulnerabilities
CVE-2026-8605 (GCVE-0-2026-8605)
Vulnerability from cvelistv5 – Published: 2026-05-19 17:08 – Updated: 2026-05-19 17:58
VLAI?
Title
Use of Hard-coded Credentials in ScadaBR
Summary
In ScadaBR version 1.2.0, a Use of Hard-Coded Credentials vulnerability could allow an attacker to access the SCADA system as admin.
Severity ?
CWE
- CWE-798 - Use of Hard-coded Credentials
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.cisa.gov/news-events/ics-advisories/i… | government-resource |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8605",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-19T17:57:46.189808Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-19T17:58:03.116Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ScadaBR",
"vendor": "ScadaBR",
"versions": [
{
"status": "affected",
"version": "1.2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Arad Inbar, Nir Somech, Ben Grinberg, Daniel Lubel, Erez Cohen, and Adiel Sol of DREAM reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn ScadaBR version 1.2.0, a Use of Hard-Coded Credentials vulnerability could allow an attacker to access the SCADA system as admin.\u003c/p\u003e"
}
],
"value": "In ScadaBR version 1.2.0, a Use of Hard-Coded Credentials vulnerability could allow an attacker to access the SCADA system as admin."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-19T17:08:06.580Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-139-03"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Use of Hard-coded Credentials in ScadaBR",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-8605",
"datePublished": "2026-05-19T17:08:06.580Z",
"dateReserved": "2026-05-14T15:25:12.004Z",
"dateUpdated": "2026-05-19T17:58:03.116Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-8604 (GCVE-0-2026-8604)
Vulnerability from cvelistv5 – Published: 2026-05-19 17:05 – Updated: 2026-05-19 18:00
VLAI?
Title
Cross-Site request forgery (CSRF) in ScadaBR
Summary
In ScadaBR version 1.2.0, a CSRF vulnerability could allow an attacker to trigger any authenticated action through a victim's session by luring any logged-in user to a malicious webpage.
Severity ?
CWE
- CWE-352 - Cross-Site request forgery (CSRF)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.cisa.gov/news-events/ics-advisories/i… | government-resource |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8604",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-19T18:00:48.697513Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-19T18:00:59.900Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ScadaBR",
"vendor": "ScadaBR",
"versions": [
{
"status": "affected",
"version": "1.2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Arad Inbar, Nir Somech, Ben Grinberg, Daniel Lubel, Erez Cohen, and Adiel Sol of DREAM reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn ScadaBR version 1.2.0, a CSRF vulnerability could allow an attacker to trigger any authenticated action through a victim\u0027s session by luring any logged-in user to a malicious webpage.\u003c/p\u003e"
}
],
"value": "In ScadaBR version 1.2.0, a CSRF vulnerability could allow an attacker to trigger any authenticated action through a victim\u0027s session by luring any logged-in user to a malicious webpage."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site request forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-19T17:05:48.113Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-139-03"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Cross-Site request forgery (CSRF) in ScadaBR",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-8604",
"datePublished": "2026-05-19T17:05:48.113Z",
"dateReserved": "2026-05-14T15:25:11.050Z",
"dateUpdated": "2026-05-19T18:00:59.900Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-8603 (GCVE-0-2026-8603)
Vulnerability from cvelistv5 – Published: 2026-05-19 17:03 – Updated: 2026-05-19 18:01
VLAI?
Title
Improper neutralization of special elements used in an OS command ('OS command injection') in ScadaBR
Summary
In ScadaBR version 1.2.0, an OS Command Injection vulnerability could allow an attacker to execute commands as root on the SCADA system.
Severity ?
CWE
- CWE-78 - Improper neutralization of special elements used in an OS command ('OS command injection')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.cisa.gov/news-events/ics-advisories/i… | government-resource |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8603",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-19T18:01:15.331043Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-19T18:01:31.646Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ScadaBR",
"vendor": "ScadaBR",
"versions": [
{
"status": "affected",
"version": "1.2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Arad Inbar, Nir Somech, Ben Grinberg, Daniel Lubel, Erez Cohen, and Adiel Sol of DREAM reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn ScadaBR version 1.2.0, an OS Command Injection vulnerability could allow an attacker to execute commands as root on the SCADA system.\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "In ScadaBR version 1.2.0, an OS Command Injection vulnerability could allow an attacker to execute commands as root on the SCADA system."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper neutralization of special elements used in an OS command (\u0027OS command injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-19T17:03:38.388Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-139-03"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper neutralization of special elements used in an OS command (\u0027OS command injection\u0027) in ScadaBR",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-8603",
"datePublished": "2026-05-19T17:03:38.388Z",
"dateReserved": "2026-05-14T15:25:09.154Z",
"dateUpdated": "2026-05-19T18:01:31.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-8602 (GCVE-0-2026-8602)
Vulnerability from cvelistv5 – Published: 2026-05-19 17:00 – Updated: 2026-05-19 18:35
VLAI?
Title
Missing authentication for critical function in ScadaBR
Summary
In ScadaBR version 1.2.0, a Missing Authentication for Critical Function vulnerability could allow an unauthenticated attacker to send a HTTP GET requests to the SCADA system and inject arbitrary sensor readings.
Severity ?
CWE
- CWE-306 - Missing authentication for critical function
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.cisa.gov/news-events/ics-advisories/i… | government-resource |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8602",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-19T18:35:28.201222Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-19T18:35:34.662Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ScadaBR",
"vendor": "ScadaBR",
"versions": [
{
"status": "affected",
"version": "1.2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Arad Inbar, Nir Somech, Ben Grinberg, Daniel Lubel, Erez Cohen, and Adiel Sol of DREAM reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In ScadaBR version 1.2.0, a Missing Authentication for Critical Function vulnerability could allow an unauthenticated attacker to send a HTTP GET requests to the SCADA system and inject arbitrary sensor readings.\u0026nbsp;\u003cbr\u003e"
}
],
"value": "In ScadaBR version 1.2.0, a Missing Authentication for Critical Function vulnerability could allow an unauthenticated attacker to send a HTTP GET requests to the SCADA system and inject arbitrary sensor readings."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing authentication for critical function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-19T17:00:38.723Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-139-03"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Missing authentication for critical function in ScadaBR",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-8602",
"datePublished": "2026-05-19T17:00:38.723Z",
"dateReserved": "2026-05-14T15:25:07.932Z",
"dateUpdated": "2026-05-19T18:35:34.662Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-8108 (GCVE-0-2026-8108)
Vulnerability from cvelistv5 – Published: 2026-05-12 22:29 – Updated: 2026-05-13 01:39
VLAI?
Title
Fuji Electric Tellus Exposed Dangerous Method or Function
Summary
The installation of Fuji Tellus adds a driver to the kernel which grants all users read and write permissions.
Severity ?
7.8 (High)
CWE
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fuji Electric | Tellus |
Affected:
5.0.2
|
Date Public ?
2026-05-12 22:26
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8108",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T01:38:52.768933Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T01:39:00.948Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Tellus",
"vendor": "Fuji Electric",
"versions": [
{
"status": "affected",
"version": "5.0.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Kim Myung-gyu of Trend Micro Zero Day Initiative reported this vulnerability to CISA."
}
],
"datePublic": "2026-05-12T22:26:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The installation of Fuji Tellus adds a driver to the kernel which grants all users read and write permissions."
}
],
"value": "The installation of Fuji Tellus adds a driver to the kernel which grants all users read and write permissions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "CWE-749",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T22:29:53.239Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-132-01"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-132-01.json"
}
],
"source": {
"advisory": "ICSA-26-132-01",
"discovery": "EXTERNAL"
},
"title": "Fuji Electric Tellus Exposed Dangerous Method or Function",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Fuji Electric recommends that Tellus be installed only with administrator privileges."
}
],
"value": "Fuji Electric recommends that Tellus be installed only with administrator privileges."
}
],
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-8108",
"datePublished": "2026-05-12T22:29:53.239Z",
"dateReserved": "2026-05-07T15:18:17.964Z",
"dateUpdated": "2026-05-13T01:39:00.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-26289 (GCVE-0-2026-26289)
Vulnerability from cvelistv5 – Published: 2026-05-12 21:02 – Updated: 2026-05-13 00:19
VLAI?
Title
Subnet Solutions PowerSYSTEM Center Incorrect Authorization
Summary
PowerSYSTEM Center REST API endpoint for device account export allows an authenticated user with limited permissions to expose sensitive information normally restricted to administrative permissions only.
Severity ?
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Subnet Solutions | PowerSYSTEM Center 2020 |
Affected:
5.8.x , ≤ 5.28.x
(custom)
|
|
| Subnet Solutions | PowerSYSTEM Center 2024 |
Affected:
6.0.x , ≤ 6.1.x
(custom)
|
|
| Subnet Solutions | PowerSYSTEM Center 2026 |
Affected:
7.0.x
|
Date Public ?
2026-05-13 05:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-26289",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T00:19:06.419342Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T00:19:14.634Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerSYSTEM Center 2020",
"vendor": "Subnet Solutions",
"versions": [
{
"lessThanOrEqual": "5.28.x",
"status": "affected",
"version": "5.8.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerSYSTEM Center 2024",
"vendor": "Subnet Solutions",
"versions": [
{
"lessThanOrEqual": "6.1.x",
"status": "affected",
"version": "6.0.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerSYSTEM Center 2026",
"vendor": "Subnet Solutions",
"versions": [
{
"status": "affected",
"version": "7.0.x"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Kelly Stich of Subnet Solutions Inc. reported these vulnerabilities to CISA."
}
],
"datePublic": "2026-05-13T05:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "PowerSYSTEM Center REST API endpoint for device account export allows an authenticated user with limited permissions to expose sensitive information normally restricted to administrative permissions only."
}
],
"value": "PowerSYSTEM Center REST API endpoint for device account export allows an authenticated user with limited permissions to expose sensitive information normally restricted to administrative permissions only."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T21:02:42.509Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-132-02"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-132-02.json"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Subnet Solutions recommends users update to the latest version of PowerSYSTEM Center PSC 2020 Update 29, PSC 2024 Update 2, and PSC 2026 GA Hotfix.\n\u003cbr\u003e\n\u003cbr\u003eFor assistance in upgrading, users should contact a Subnet Solutions System Integration team member or customer support team at (403) 270-8885 or by email at [support@subnet.com](mailto:support@subnet.com).\n\u003cbr\u003e\n\u003cbr\u003eSubnet Solutions recommends users do the following in order to reduce risk:\n\u003cbr\u003e* Monitor user activity records to ensure users are following acceptable usage policies of the application.\n\u003cbr\u003e* Restrict access to Notification Settings to trusted Administrators Monitor \"Send from Address\" in settings and Activity Records.\n\u003cbr\u003e* Configure a notification rule that triggers in any bulk account export activity."
}
],
"value": "Subnet Solutions recommends users update to the latest version of PowerSYSTEM Center PSC 2020 Update 29, PSC 2024 Update 2, and PSC 2026 GA Hotfix.\n\n\n\nFor assistance in upgrading, users should contact a Subnet Solutions System Integration team member or customer support team at (403) 270-8885 or by email at [support@subnet.com](mailto:support@subnet.com).\n\n\n\nSubnet Solutions recommends users do the following in order to reduce risk:\n\n* Monitor user activity records to ensure users are following acceptable usage policies of the application.\n\n* Restrict access to Notification Settings to trusted Administrators Monitor \"Send from Address\" in settings and Activity Records.\n\n* Configure a notification rule that triggers in any bulk account export activity."
}
],
"source": {
"advisory": "ICSA-26-132-02",
"discovery": "INTERNAL"
},
"title": "Subnet Solutions PowerSYSTEM Center Incorrect Authorization",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-26289",
"datePublished": "2026-05-12T21:02:42.509Z",
"dateReserved": "2026-04-16T14:05:42.127Z",
"dateUpdated": "2026-05-13T00:19:14.634Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-33570 (GCVE-0-2026-33570)
Vulnerability from cvelistv5 – Published: 2026-05-12 20:59 – Updated: 2026-05-13 00:19
VLAI?
Title
Subnet Solutions PowerSYSTEM Center Incorrect Authorization
Summary
PowerSYSTEM Center REST API endpoint for devices allows a low privilege authenticated user to access information normally limited by operational permissions.
Severity ?
5.7 (Medium)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Subnet Solutions | PowerSYSTEM Center 2020 |
Affected:
5.11.x , ≤ 5.28.x
(custom)
|
Date Public ?
2026-05-13 05:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-33570",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T00:19:29.614963Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T00:19:39.177Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerSYSTEM Center 2020",
"vendor": "Subnet Solutions",
"versions": [
{
"lessThanOrEqual": "5.28.x",
"status": "affected",
"version": "5.11.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Kelly Stich of Subnet Solutions Inc. reported these vulnerabilities to CISA."
}
],
"datePublic": "2026-05-13T05:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "PowerSYSTEM Center REST API endpoint for devices allows a low privilege authenticated user to access information normally limited by operational permissions."
}
],
"value": "PowerSYSTEM Center REST API endpoint for devices allows a low privilege authenticated user to access information normally limited by operational permissions."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T20:59:25.911Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-132-02"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-132-02.json"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Subnet Solutions recommends users update to the latest version of PowerSYSTEM Center PSC 2020 Update 29, PSC 2024 Update 2, and PSC 2026 GA Hotfix.\n\u003cbr\u003e\n\u003cbr\u003eFor assistance in upgrading, users should contact a Subnet Solutions System Integration team member or customer support team at (403) 270-8885 or by email at [support@subnet.com](mailto:support@subnet.com).\n\u003cbr\u003e\n\u003cbr\u003eSubnet Solutions recommends users do the following in order to reduce risk:\n\u003cbr\u003e* Monitor user activity records to ensure users are following acceptable usage policies of the application.\n\u003cbr\u003e* Restrict access to Notification Settings to trusted Administrators Monitor \"Send from Address\" in settings and Activity Records.\n\u003cbr\u003e* Configure a notification rule that triggers in any bulk account export activity."
}
],
"value": "Subnet Solutions recommends users update to the latest version of PowerSYSTEM Center PSC 2020 Update 29, PSC 2024 Update 2, and PSC 2026 GA Hotfix.\n\n\n\nFor assistance in upgrading, users should contact a Subnet Solutions System Integration team member or customer support team at (403) 270-8885 or by email at [support@subnet.com](mailto:support@subnet.com).\n\n\n\nSubnet Solutions recommends users do the following in order to reduce risk:\n\n* Monitor user activity records to ensure users are following acceptable usage policies of the application.\n\n* Restrict access to Notification Settings to trusted Administrators Monitor \"Send from Address\" in settings and Activity Records.\n\n* Configure a notification rule that triggers in any bulk account export activity."
}
],
"source": {
"advisory": "ICSA-26-132-02",
"discovery": "INTERNAL"
},
"title": "Subnet Solutions PowerSYSTEM Center Incorrect Authorization",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-33570",
"datePublished": "2026-05-12T20:59:25.911Z",
"dateReserved": "2026-04-16T14:05:42.141Z",
"dateUpdated": "2026-05-13T00:19:39.177Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-35555 (GCVE-0-2026-35555)
Vulnerability from cvelistv5 – Published: 2026-05-12 20:48 – Updated: 2026-05-13 00:20
VLAI?
Title
Subnet Solutions PowerSYSTEM Center Incorrect Authorization
Summary
PowerSYSTEM Center feature for device project groups allows an authenticated user with limited permissions to perform an unauthorized deletion of project groups.
Severity ?
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Subnet Solutions | PowerSYSTEM Center 2024 |
Affected:
6.0.x , ≤ 6.1.x
(custom)
|
|
| Subnet Solutions | PowerSYSTEM Center 2026 |
Affected:
7.0.x
(custom)
|
Date Public ?
2026-05-13 05:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-35555",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T00:19:55.864884Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T00:20:11.420Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerSYSTEM Center 2024",
"vendor": "Subnet Solutions",
"versions": [
{
"lessThanOrEqual": "6.1.x",
"status": "affected",
"version": "6.0.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerSYSTEM Center 2026",
"vendor": "Subnet Solutions",
"versions": [
{
"status": "affected",
"version": "7.0.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Kelly Stich of Subnet Solutions Inc. reported these vulnerabilities to CISA."
}
],
"datePublic": "2026-05-13T05:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "PowerSYSTEM Center feature for device project groups allows an authenticated user with limited permissions to perform an unauthorized deletion of project groups."
}
],
"value": "PowerSYSTEM Center feature for device project groups allows an authenticated user with limited permissions to perform an unauthorized deletion of project groups."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T20:48:13.076Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-132-02"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-132-02.json"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Subnet Solutions recommends users update to the latest version of PowerSYSTEM Center PSC 2020 Update 29, PSC 2024 Update 2, and PSC 2026 GA Hotfix.\n\u003cbr\u003e\n\u003cbr\u003eFor assistance in upgrading, users should contact a Subnet Solutions System Integration team member or customer support team at (403) 270-8885 or by email at [support@subnet.com](mailto:support@subnet.com).\n\u003cbr\u003e\n\u003cbr\u003eSubnet Solutions recommends users do the following in order to reduce risk:\n\u003cbr\u003e* Monitor user activity records to ensure users are following acceptable usage policies of the application.\n\u003cbr\u003e* Restrict access to Notification Settings to trusted Administrators Monitor \"Send from Address\" in settings and Activity Records.\n\u003cbr\u003e* Configure a notification rule that triggers in any bulk account export activity."
}
],
"value": "Subnet Solutions recommends users update to the latest version of PowerSYSTEM Center PSC 2020 Update 29, PSC 2024 Update 2, and PSC 2026 GA Hotfix.\n\n\n\nFor assistance in upgrading, users should contact a Subnet Solutions System Integration team member or customer support team at (403) 270-8885 or by email at [support@subnet.com](mailto:support@subnet.com).\n\n\n\nSubnet Solutions recommends users do the following in order to reduce risk:\n\n* Monitor user activity records to ensure users are following acceptable usage policies of the application.\n\n* Restrict access to Notification Settings to trusted Administrators Monitor \"Send from Address\" in settings and Activity Records.\n\n* Configure a notification rule that triggers in any bulk account export activity."
}
],
"source": {
"advisory": "ICSA-26-132-02",
"discovery": "INTERNAL"
},
"title": "Subnet Solutions PowerSYSTEM Center Incorrect Authorization",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-35555",
"datePublished": "2026-05-12T20:48:13.076Z",
"dateReserved": "2026-04-16T14:05:42.152Z",
"dateUpdated": "2026-05-13T00:20:11.420Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-65088 (GCVE-0-2025-65088)
Vulnerability from cvelistv5 – Published: 2026-05-12 20:27 – Updated: 2026-05-12 21:12
VLAI?
Title
Out-of-bounds read in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share
Summary
An Out-of-Bounds Read vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to disclose information or execute arbitrary code when a specially crafted VC6 file is being parsed.
Severity ?
CWE
- CWE-125 - Out-of-bounds read
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.cisa.gov/news-events/ics-advisories/i… | government-resource |
Impacted products
5 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ashlar-Vellum | Cobalt |
Affected:
0 , ≤ 12.6.1204.216
(custom)
|
|
| Ashlar-Vellum | Xenon |
Affected:
0 , ≤ 12.6.1204.216
(custom)
|
|
| Ashlar-Vellum | Argon |
Affected:
0 , ≤ 12.6.1204.216
(custom)
|
|
| Ashlar-Vellum | Lithium |
Affected:
0 , ≤ 12.6.1204.216
(custom)
|
|
| Ashlar-Vellum | Cobalt Share |
Affected:
0 , ≤ 12.6.1204.216
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-65088",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T21:01:08.152298Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T21:12:27.588Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Cobalt",
"vendor": "Ashlar-Vellum",
"versions": [
{
"lessThanOrEqual": "12.6.1204.216",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Xenon",
"vendor": "Ashlar-Vellum",
"versions": [
{
"lessThanOrEqual": "12.6.1204.216",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Argon",
"vendor": "Ashlar-Vellum",
"versions": [
{
"lessThanOrEqual": "12.6.1204.216",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Lithium",
"vendor": "Ashlar-Vellum",
"versions": [
{
"lessThanOrEqual": "12.6.1204.216",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cobalt Share",
"vendor": "Ashlar-Vellum",
"versions": [
{
"lessThanOrEqual": "12.6.1204.216",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Michael Heinzl reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003eAn Out-of-Bounds Read vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to disclose information or execute arbitrary code when a specially crafted VC6 file is being parsed.\u003c/p\u003e"
}
],
"value": "An Out-of-Bounds Read vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to disclose information or execute arbitrary code when a specially crafted VC6 file is being parsed."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T20:27:39.156Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-329-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAshlar-Vellum recommends users update to build 12.6.1204.217 and later.\u003c/p\u003e"
}
],
"value": "Ashlar-Vellum recommends users update to build 12.6.1204.217 and later."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds read in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2025-65088",
"datePublished": "2026-05-12T20:27:39.156Z",
"dateReserved": "2025-11-17T16:43:44.055Z",
"dateUpdated": "2026-05-12T21:12:27.588Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-65087 (GCVE-0-2025-65087)
Vulnerability from cvelistv5 – Published: 2026-05-12 20:25 – Updated: 2026-05-12 21:12
VLAI?
Title
Out-of-bounds read in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share
Summary
An Out-of-Bounds Read vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to disclose information or execute arbitrary code when a specially crafted VC6 file is being parsed.
Severity ?
CWE
- CWE-125 - Out-of-bounds read
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.cisa.gov/news-events/ics-advisories/i… | government-resource |
Impacted products
5 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ashlar-Vellum | Cobalt |
Affected:
0 , ≤ 12.6.1204.216
(custom)
|
|
| Ashlar-Vellum | Xenon |
Affected:
0 , ≤ 12.6.1204.216
(custom)
|
|
| Ashlar-Vellum | Argon |
Affected:
0 , ≤ 12.6.1204.216
(custom)
|
|
| Ashlar-Vellum | Lithium |
Affected:
0 , ≤ 12.6.1204.216
(custom)
|
|
| Ashlar-Vellum | Cobalt Share |
Affected:
0 , ≤ 12.6.1204.216
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-65087",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T21:01:17.207947Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T21:12:34.923Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Cobalt",
"vendor": "Ashlar-Vellum",
"versions": [
{
"lessThanOrEqual": "12.6.1204.216",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Xenon",
"vendor": "Ashlar-Vellum",
"versions": [
{
"lessThanOrEqual": "12.6.1204.216",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Argon",
"vendor": "Ashlar-Vellum",
"versions": [
{
"lessThanOrEqual": "12.6.1204.216",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Lithium",
"vendor": "Ashlar-Vellum",
"versions": [
{
"lessThanOrEqual": "12.6.1204.216",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cobalt Share",
"vendor": "Ashlar-Vellum",
"versions": [
{
"lessThanOrEqual": "12.6.1204.216",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Michael Heinzl reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003eAn Out-of-Bounds Read vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to disclose information or execute arbitrary code when a specially crafted VC6 file is being parsed.\u003c/p\u003e"
}
],
"value": "An Out-of-Bounds Read vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to disclose information or execute arbitrary code when a specially crafted VC6 file is being parsed."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T20:25:08.947Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-329-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAshlar-Vellum recommends users update to build 12.6.1204.217 and later.\u003c/p\u003e"
}
],
"value": "Ashlar-Vellum recommends users update to build 12.6.1204.217 and later."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds read in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2025-65087",
"datePublished": "2026-05-12T20:25:08.947Z",
"dateReserved": "2025-11-17T16:43:44.054Z",
"dateUpdated": "2026-05-12T21:12:34.923Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-65086 (GCVE-0-2025-65086)
Vulnerability from cvelistv5 – Published: 2026-05-12 20:22 – Updated: 2026-05-12 21:12
VLAI?
Title
Out-of-bounds write in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share
Summary
An Out-of-Bounds Write vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to execute arbitrary code when a specially crafted VC6 file is being parsed.
Severity ?
CWE
- CWE-787 - Out-of-bounds write
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.cisa.gov/news-events/ics-advisories/i… | government-resource |
Impacted products
5 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ashlar-Vellum | Cobalt |
Affected:
0 , ≤ 12.6.1204.216
(custom)
|
|
| Ashlar-Vellum | Xenon |
Affected:
0 , ≤ 12.6.1204.216
(custom)
|
|
| Ashlar-Vellum | Argon |
Affected:
0 , ≤ 12.6.1204.216
(custom)
|
|
| Ashlar-Vellum | Lithium |
Affected:
0 , ≤ 12.6.1204.216
(custom)
|
|
| Ashlar-Vellum | Cobalt Share |
Affected:
0 , ≤ 12.6.1204.216
(custom)
|
Date Public ?
2026-05-12 20:21
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-65086",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T21:01:29.195887Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T21:12:42.853Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Cobalt",
"vendor": "Ashlar-Vellum",
"versions": [
{
"lessThanOrEqual": "12.6.1204.216",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Xenon",
"vendor": "Ashlar-Vellum",
"versions": [
{
"lessThanOrEqual": "12.6.1204.216",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Argon",
"vendor": "Ashlar-Vellum",
"versions": [
{
"lessThanOrEqual": "12.6.1204.216",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Lithium",
"vendor": "Ashlar-Vellum",
"versions": [
{
"lessThanOrEqual": "12.6.1204.216",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cobalt Share",
"vendor": "Ashlar-Vellum",
"versions": [
{
"lessThanOrEqual": "12.6.1204.216",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Michael Heinzl reported these vulnerabilities to CISA."
}
],
"datePublic": "2026-05-12T20:21:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003eAn Out-of-Bounds Write vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to execute arbitrary code when a specially crafted VC6 file is being parsed.\u003c/p\u003e"
}
],
"value": "An Out-of-Bounds Write vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to execute arbitrary code when a specially crafted VC6 file is being parsed."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T20:22:42.842Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-329-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAshlar-Vellum recommends users update to build 12.6.1204.217 and later.\u003c/p\u003e"
}
],
"value": "Ashlar-Vellum recommends users update to build 12.6.1204.217 and later."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds write in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2025-65086",
"datePublished": "2026-05-12T20:22:42.842Z",
"dateReserved": "2025-11-17T16:43:44.054Z",
"dateUpdated": "2026-05-12T21:12:42.853Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-35504 (GCVE-0-2026-35504)
Vulnerability from cvelistv5 – Published: 2026-05-12 20:19 – Updated: 2026-05-12 21:12
VLAI?
Title
Subnet Solutions PowerSYSTEM Center CRLF injection
Summary
PowerSYSTEM Center email notification service is affected by a CRLF injection vulnerability when using SMTPS communication.
Severity ?
5.5 (Medium)
CWE
- CWE-93 - Improper neutralization of CRLF sequences ('CRLF injection')
Assigner
References
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Subnet Solutions | PowerSYSTEM Center 2020 |
Affected:
0 , ≤ 5.28.x
(custom)
|
|
| Subnet Solutions | PowerSYSTEM Center 2024 |
Affected:
6.0.x , ≤ 6.1.x
(custom)
|
|
| Subnet Solutions | PowerSYSTEM Center 2026 |
Affected:
7.0.x
|
Date Public ?
2026-05-13 05:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-35504",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T21:01:40.300358Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T21:12:55.834Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerSYSTEM Center 2020",
"vendor": "Subnet Solutions",
"versions": [
{
"lessThanOrEqual": "5.28.x",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerSYSTEM Center 2024",
"vendor": "Subnet Solutions",
"versions": [
{
"lessThanOrEqual": "6.1.x",
"status": "affected",
"version": "6.0.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerSYSTEM Center 2026",
"vendor": "Subnet Solutions",
"versions": [
{
"status": "affected",
"version": "7.0.x"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Kelly Stich of Subnet Solutions Inc. reported these vulnerabilities to CISA."
}
],
"datePublic": "2026-05-13T05:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "PowerSYSTEM Center email notification service is affected by a CRLF injection vulnerability when using SMTPS communication."
}
],
"value": "PowerSYSTEM Center email notification service is affected by a CRLF injection vulnerability when using SMTPS communication."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-93",
"description": "CWE-93 Improper neutralization of CRLF sequences (\u0027CRLF injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T20:45:23.739Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-132-02"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-132-02.json"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Subnet Solutions recommends users update to the latest version of PowerSYSTEM Center PSC 2020 Update 29, PSC 2024 Update 2, and PSC 2026 GA Hotfix.\n\u003cbr\u003e\n\u003cbr\u003eFor assistance in upgrading, users should contact a Subnet Solutions System Integration team member or customer support team at (403) 270-8885 or by email at [support@subnet.com](mailto:support@subnet.com).\n\u003cbr\u003e\n\u003cbr\u003eSubnet Solutions recommends users do the following in order to reduce risk:\n\u003cbr\u003e* Monitor user activity records to ensure users are following acceptable usage policies of the application.\n\u003cbr\u003e* Restrict access to Notification Settings to trusted Administrators Monitor \"Send from Address\" in settings and Activity Records.\n\u003cbr\u003e* Configure a notification rule that triggers in any bulk account export activity."
}
],
"value": "Subnet Solutions recommends users update to the latest version of PowerSYSTEM Center PSC 2020 Update 29, PSC 2024 Update 2, and PSC 2026 GA Hotfix.\n\n\n\nFor assistance in upgrading, users should contact a Subnet Solutions System Integration team member or customer support team at (403) 270-8885 or by email at [support@subnet.com](mailto:support@subnet.com).\n\n\n\nSubnet Solutions recommends users do the following in order to reduce risk:\n\n* Monitor user activity records to ensure users are following acceptable usage policies of the application.\n\n* Restrict access to Notification Settings to trusted Administrators Monitor \"Send from Address\" in settings and Activity Records.\n\n* Configure a notification rule that triggers in any bulk account export activity."
}
],
"source": {
"advisory": "ICSA-26-132-02",
"discovery": "INTERNAL"
},
"title": "Subnet Solutions PowerSYSTEM Center CRLF injection",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-35504",
"datePublished": "2026-05-12T20:19:38.126Z",
"dateReserved": "2026-04-16T14:05:42.158Z",
"dateUpdated": "2026-05-12T21:12:55.834Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12659 (GCVE-0-2025-12659)
Vulnerability from cvelistv5 – Published: 2026-05-12 12:30 – Updated: 2026-05-12 14:27
VLAI?
Title
Heap-based buffer overflow in Siemens Simcenter Femap
Summary
The affected applications contains a memory corruption vulnerability while parsing specially crafted IPT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-27349, ZDI-CAN-27389)
Severity ?
CWE
- CWE-122 - Heap-based buffer overflow
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://cert-portal.siemens.com/productcert/html/… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens | Simcenter Femap |
Affected:
0 , < V2512.0003
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12659",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T14:26:44.889744Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T14:27:57.384Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Simcenter Femap",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2512.0003",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Siemens thanks the following party for its efforts: TrendAI Zero Day Initiative for coordinated disclosure"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The affected applications contains a memory corruption vulnerability while parsing specially crafted IPT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-27349, ZDI-CAN-27389)"
}
],
"value": "The affected applications contains a memory corruption vulnerability while parsing specially crafted IPT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-27349, ZDI-CAN-27389)"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based buffer overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T12:30:04.652Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-870926.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eUpdate to V2512.0003 or later version\u003c/div\u003e\u003ca href=\"https://support.sw.siemens.com/product/275652363/\"\u003ehttps://support.sw.siemens.com/product/275652363/\u003c/a\u003e"
}
],
"value": "Update to V2512.0003 or later version\n\n https://support.sw.siemens.com/product/275652363/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Heap-based buffer overflow in Siemens Simcenter Femap",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2025-12659",
"datePublished": "2026-05-12T12:30:04.652Z",
"dateReserved": "2025-11-03T20:56:28.893Z",
"dateUpdated": "2026-05-12T14:27:57.384Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-6411 (GCVE-0-2026-6411)
Vulnerability from cvelistv5 – Published: 2026-05-07 22:25 – Updated: 2026-05-08 13:06
VLAI?
Title
MAXHUB Pivot Client Application Use of a Broken or Risky Cryptographic Algorithm
Summary
This vulnerability, in the MAXHUB Pivot client application versions
prior to v1.36.2, may allow an attacker to obtain encrypted tenant email
addresses and related metadata from any tenant. Due to the presence of a
hardcoded AES key within the application, the encrypted data can be
decrypted, enabling access to tenant email addresses and associated
information in cleartext. Furthermore, an attacker may be able to cause a
denial-of-service condition by enrolling multiple unauthorized devices
into a tenant via MQTT, potentially disrupting tenant operations.
Severity ?
7.3 (High)
CWE
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| MAXHUB | MAXHUB Pivot client application |
Affected:
0 , < 1.36.2
(custom)
Unaffected: 1.36.2 |
Date Public ?
2026-05-05 21:45
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-6411",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-08T13:05:50.323897Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-08T13:06:12.227Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MAXHUB Pivot client application",
"vendor": "MAXHUB",
"versions": [
{
"lessThan": "1.36.2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.36.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Malik MAKKES and Yassine BENGANA of Abicom Groupe OCI reported this vulnerability to MAXHUB."
}
],
"datePublic": "2026-05-05T21:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This vulnerability, in the MAXHUB Pivot client application versions \nprior to v1.36.2, may allow an attacker to obtain encrypted tenant email\n addresses and related metadata from any tenant. Due to the presence of a\n hardcoded AES key within the application, the encrypted data can be \ndecrypted, enabling access to tenant email addresses and associated \ninformation in cleartext. Furthermore, an attacker may be able to cause a\n denial-of-service condition by enrolling multiple unauthorized devices \ninto a tenant via MQTT, potentially disrupting tenant operations."
}
],
"value": "This vulnerability, in the MAXHUB Pivot client application versions \nprior to v1.36.2, may allow an attacker to obtain encrypted tenant email\n addresses and related metadata from any tenant. Due to the presence of a\n hardcoded AES key within the application, the encrypted data can be \ndecrypted, enabling access to tenant email addresses and associated \ninformation in cleartext. Furthermore, an attacker may be able to cause a\n denial-of-service condition by enrolling multiple unauthorized devices \ninto a tenant via MQTT, potentially disrupting tenant operations."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-327",
"description": "CWE-327",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-07T22:25:54.959Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.maxhub.com/en/support/"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-127-01"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-127-01.json"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "MAXHUB recommends users upgrade the Pivot client application to v1.36.2 \nor newer. The remediation has been made available through an OTA update.\n Users running v1.36.2 or later are not affected and need only ensure \nthey continue to maintain the latest version. At this time, MAXHUB is \nnot aware of any public exploitation of this issue. For more \ninformation, see the MAXHUB support page.\u003cbr\u003e\u003ca href=\"https://www.maxhub.com/en/support/\"\u003ehttps://www.maxhub.com/en/support/\u003c/a\u003e"
}
],
"value": "MAXHUB recommends users upgrade the Pivot client application to v1.36.2 \nor newer. The remediation has been made available through an OTA update.\n Users running v1.36.2 or later are not affected and need only ensure \nthey continue to maintain the latest version. At this time, MAXHUB is \nnot aware of any public exploitation of this issue. For more \ninformation, see the MAXHUB support page.\n https://www.maxhub.com/en/support/"
}
],
"source": {
"advisory": "ICSA-26-127-01",
"discovery": "EXTERNAL"
},
"title": "MAXHUB Pivot Client Application Use of a Broken or Risky Cryptographic Algorithm",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-6411",
"datePublished": "2026-05-07T22:25:54.959Z",
"dateReserved": "2026-04-15T23:14:19.539Z",
"dateUpdated": "2026-05-08T13:06:12.227Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-6807 (GCVE-0-2026-6807)
Vulnerability from cvelistv5 – Published: 2026-04-28 17:41 – Updated: 2026-04-29 15:12 Unsupported When Assigned
VLAI?
Title
NSA GRASSMARLIN Improper Restriction of XML External Entity Reference
Summary
A vulnerability in GRASSMARLIN v3.2.1 allows crafted session data to
trigger improper handling of XML input, which may result in unintended
exposure of sensitive information. The flaw stems from insufficient
hardening of the XML parsing process.
Severity ?
5.5 (Medium)
CWE
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| NSA | GRASSMARLIN |
Affected:
All versions
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-6807",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-29T13:40:03.937436Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-29T15:12:21.569Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "GRASSMARLIN",
"vendor": "NSA",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Grady DeRosa reported this vulnerability to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability in GRASSMARLIN v3.2.1 allows crafted session data to \ntrigger improper handling of XML input, which may result in unintended \nexposure of sensitive information. The flaw stems from insufficient \nhardening of the XML parsing process."
}
],
"value": "A vulnerability in GRASSMARLIN v3.2.1 allows crafted session data to \ntrigger improper handling of XML input, which may result in unintended \nexposure of sensitive information. The flaw stems from insufficient \nhardening of the XML parsing process."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T17:41:13.480Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-118-01"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-118-01.json"
}
],
"source": {
"advisory": "ICSA-26-118-01",
"discovery": "EXTERNAL"
},
"tags": [
"unsupported-when-assigned"
],
"title": "NSA GRASSMARLIN Improper Restriction of XML External Entity Reference",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "NSA has indicated that the GRASSMARLIN project has reached end-of-life \nstatus as of 2017 and is no longer supported. The project is archived, \nand no patches or further updates are planned or expected."
}
],
"value": "NSA has indicated that the GRASSMARLIN project has reached end-of-life \nstatus as of 2017 and is no longer supported. The project is archived, \nand no patches or further updates are planned or expected."
}
],
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-6807",
"datePublished": "2026-04-28T17:41:13.480Z",
"dateReserved": "2026-04-21T16:01:40.334Z",
"dateUpdated": "2026-04-29T15:12:21.569Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3893 (GCVE-0-2026-3893)
Vulnerability from cvelistv5 – Published: 2026-04-28 17:34 – Updated: 2026-04-29 15:12
VLAI?
Title
Carlson Software VASCO-B GNSS Receiver Missing Authentication for Critical Function
Summary
The Carlson VASCO-B GNSS Receiver lacks an authentication mechanism,
allowing an attacker with network access to directly access and modify
its configuration and operational functions without needing credentials.
Severity ?
9.4 (Critical)
CWE
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Carlson Software | VASCO-B GNSS Receiver |
Affected:
0 , < 1.4.0
(custom)
Unaffected: 1.4.0 |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3893",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-29T13:39:45.800186Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-29T15:12:29.585Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VASCO-B GNSS Receiver",
"vendor": "Carlson Software",
"versions": [
{
"lessThan": "1.4.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.4.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Souvik Kandar reported this vulnerability to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The Carlson VASCO-B GNSS Receiver lacks an authentication mechanism, \nallowing an attacker with network access to directly access and modify \nits configuration and operational functions without needing credentials."
}
],
"value": "The Carlson VASCO-B GNSS Receiver lacks an authentication mechanism, \nallowing an attacker with network access to directly access and modify \nits configuration and operational functions without needing credentials."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T17:34:56.130Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.carlsonsw.com/support-and-training/"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3893"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-113-02.json"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\nCarlson Software recommends users update to Version 1.4.0 or greater. \nFor more information contact Carlson Software \nhttps://www.carlsonsw.com/support-and-training/\u003c/div\u003e"
}
],
"value": "Carlson Software recommends users update to Version 1.4.0 or greater. \nFor more information contact Carlson Software \nhttps://www.carlsonsw.com/support-and-training/"
}
],
"source": {
"advisory": "ICSA-26-113-02",
"discovery": "EXTERNAL"
},
"title": "Carlson Software VASCO-B GNSS Receiver Missing Authentication for Critical Function",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-3893",
"datePublished": "2026-04-28T17:34:56.130Z",
"dateReserved": "2026-03-10T16:52:36.791Z",
"dateUpdated": "2026-04-29T15:12:29.585Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20766 (GCVE-0-2026-20766)
Vulnerability from cvelistv5 – Published: 2026-04-27 23:45 – Updated: 2026-04-28 14:39
VLAI?
Title
Milesight Cameras Heap-based Buffer Overflow
Summary
An out-of-bounds memory access vulnerability exists in specific firmware versions of Milesight AIOT cameras.
Severity ?
CWE
Assigner
References
Impacted products
82 products
| Vendor | Product | Version | |
|---|---|---|---|
| Milesight | MS-Cxx63-PD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx64-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx73-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx75-xxPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx83-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx74-PA |
Affected:
0 , ≤ 3x.8.0.3-r11
(custom)
|
|
| Milesight | MS-C8477-HPG1 |
Affected:
0 , ≤ 63.8.0.4-r3
(custom)
|
|
| Milesight | MS-C8477-PC |
Affected:
0 , ≤ 48.8.0.4-r3
(custom)
|
|
| Milesight | MS-C5321-FPE |
Affected:
0 , ≤ 62.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx72-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx62-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx52-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxGPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx61-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx67-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx71-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx41-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx76-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx65-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx62-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx72-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-CQxx31-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx68-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx72-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-Nxxxx-NxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxC |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxG |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxH |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxT |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | PMC8266-FPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PMC8266-FGPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PM3322-E |
Affected:
0 , ≤ PI_61.8.0.3_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5510-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r7
(custom)
|
|
| Milesight | TS5510-GH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS5511-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS2966-X12TPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS2966-X12TVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RWE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4WE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | MS-C2964-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2972-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-RFLWPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TGPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC/W |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2867-X5TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2961-X12TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS8266-FPC/P |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5361-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-Cxx66-xxxxGOPC |
Affected:
0 , ≤ 45.8.0.2-AIoT-r4
(custom)
|
|
| Milesight | SC211 |
Affected:
0 , ≤ C_21.1.0.8-r4
(custom)
|
|
| Milesight | SP111 |
Affected:
0 , ≤ 52.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx66-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx66-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20766",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-28T14:37:23.854997Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T14:39:17.799Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MS-Cxx63-PD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx64-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx73-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx75-xxPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx83-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx74-PA",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "3x.8.0.3-r11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-HPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-PC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "48.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5321-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "62.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx52-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx61-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx67-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx71-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx41-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx76-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx65-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx31-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx68-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-NxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxG",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxT",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PM3322-E",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PI_61.8.0.3_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5511-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RWE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4WE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2964-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2972-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-RFLWPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TGPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC/W",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2867-X5TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2961-X12TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-FPC/P",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5361-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxxGOPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "45.8.0.2-AIoT-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SC211",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "C_21.1.0.8-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SP111",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "52.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Souvik Kandar reported these vulnerabilities to CISA"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan\u003eAn out-of-bounds memory access vulnerability exists in specific firmware versions of Milesight AIOT cameras.\u003c/span\u003e"
}
],
"value": "An out-of-bounds memory access vulnerability exists in specific firmware versions of Milesight AIOT cameras."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-27T23:45:52.896Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-113-03.json"
},
{
"url": "https://www.milesight.com/support/download/firmware"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.milesight.com/support/download/firmware\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/support/download/firmware\u003c/a\u003e\u003c/p\u003e\u003cp\u003eMS-Cxx63-PD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx64-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx73-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx75-xxPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx83-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx74-PA: Update to 3x.8.0.3-r13\u003c/p\u003e\u003cp\u003eMS-C8477-HPG1: Update to 63.8.0.4-r4\u003c/p\u003e\u003cp\u003e\u0026nbsp;MS-C8477-PC: Update to 48.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C5321-FPE: Update to 62.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx76-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx65-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u0026nbsp;\u003c/p\u003e\u003cp\u003eMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003ePMC8266-FPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePMC8266-FGPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePM3322-E: Update to PI_61.8.0.3-r5\u003c/p\u003e\u003cp\u003eTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u0026nbsp;\u003c/p\u003e\u003cp\u003eTS5366-X12RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5510-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5510-GH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5511-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS2966-X12TPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS2966-X12TVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RWE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4WE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C2964-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2972-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TGPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC/W: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2867-X5TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2961-X12TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS8266-FPC/P: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5361-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\u003c/p\u003e\u003cp\u003eSC211: Update to C_21.1.0.8-r5\u003c/p\u003e\u003cp\u003eSP111: Update to 52.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e"
}
],
"value": "Milesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u00a0\n https://www.milesight.com/support/download/firmware \n\nMS-Cxx63-PD: Update to 51.7.0.77-r13\n\nMS-Cxx64-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx73-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx75-xxPD: Update to 51.7.0.77-r13\n\nMS-Cxx83-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx74-PA: Update to 3x.8.0.3-r13\n\nMS-C8477-HPG1: Update to 63.8.0.4-r4\n\n\u00a0MS-C8477-PC: Update to 48.8.0.4-r4\n\nMS-C5321-FPE: Update to 62.8.0.4-r6\n\nMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\n\nMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx76-PE: Update to 61.8.0.5-r2\n\nMS-Cxx65-PE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\n\nMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u00a0\n\nMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\n\nPMC8266-FPE: Update to PO_61.8.0.4-r1\n\nPMC8266-FGPE: Update to PO_61.8.0.4-r1\n\nPM3322-E: Update to PI_61.8.0.3-r5\n\nTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u00a0\n\nTS5366-X12RIPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS5510-GVH: Update to T_47.8.0.4-r8\n\nTS5510-GH: Update to T_47.8.0.4-r8\n\nTS5511-GVH: Update to T_47.8.0.4-r8\n\nTS2966-X12TPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RPE: Update to T_61.8.0.4-r4\n\nTS5366-X12PE: Update to T_61.8.0.4-r4\n\nTS8266-X4PE: Update to T_61.8.0.4-r4\n\nTS2966-X12TVPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RVPE: Update to T_61.8.0.4-r4\n\nTS5366-X12VPE: Update to T_61.8.0.4-r4\n\nTS8266-X4VPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RE: Update to T_61.8.0.4-r4\n\nTS4466-X4RWE: Update to T_61.8.0.4-r4\n\nTS8266-X4WE: Update to T_61.8.0.4-r4\n\nMS-C2964-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2972-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TVPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TGPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC/W: Update to T_45.8.0.3-r10\n\nTS2867-X5TPC: Update to T_45.8.0.3-r10\n\nTS2961-X12TPC: Update to T_45.8.0.3-r10\n\nTS8266-FPC/P: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\n\nMS-C5361-X12LPC: Update to T_45.8.0.3-r10\n\nMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\n\nSC211: Update to C_21.1.0.8-r5\n\nSP111: Update to 52.8.0.4-r6\n\nMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight asks all users to report potential security vulnerabilities to security@milesight.com.\u003cbr\u003e\u003ca href=\"mailto:security@milesight.com\"\u003emailto:security@milesight.com\u003c/a\u003e\u003cbr\u003eLearn more: Milesight Vulnerability Reporting Policy\u003cbr\u003e\u003ca href=\"https://www.milesight.com/legal/vulnerability-report\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/legal/vulnerability-report\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "Milesight asks all users to report potential security vulnerabilities to security@milesight.com.\n mailto:security@milesight.com \nLearn more: Milesight Vulnerability Reporting Policy\n https://www.milesight.com/legal/vulnerability-report"
}
],
"source": {
"advisory": "ICSA-26-113-03",
"discovery": "EXTERNAL"
},
"title": "Milesight Cameras Heap-based Buffer Overflow",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-20766",
"datePublished": "2026-04-27T23:45:52.896Z",
"dateReserved": "2026-03-12T17:51:09.860Z",
"dateUpdated": "2026-04-28T14:39:17.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-32649 (GCVE-0-2026-32649)
Vulnerability from cvelistv5 – Published: 2026-04-27 23:42 – Updated: 2026-04-28 14:42
VLAI?
Title
Milesight Cameras OS Command Injection
Summary
A command injection vulnerability exists in the web server of specific firmware versions of Milesight cameras.
Severity ?
CWE
Assigner
References
Impacted products
82 products
| Vendor | Product | Version | |
|---|---|---|---|
| Milesight | MS-Cxx63-PD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx64-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx73-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx75-xxPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx83-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx74-PA |
Affected:
0 , ≤ 3x.8.0.3-r11
(custom)
|
|
| Milesight | MS-C8477-HPG1 |
Affected:
0 , ≤ 63.8.0.4-r3
(custom)
|
|
| Milesight | MS-C8477-PC |
Affected:
0 , ≤ 48.8.0.4-r3
(custom)
|
|
| Milesight | MS-C5321-FPE |
Affected:
0 , ≤ 62.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx72-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx62-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx52-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxGPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx61-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx67-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx71-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx41-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx76-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx65-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx62-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx72-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-CQxx31-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx68-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx72-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-Nxxxx-NxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxC |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxG |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxH |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxT |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | PMC8266-FPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PMC8266-FGPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PM3322-E |
Affected:
0 , ≤ PI_61.8.0.3_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5510-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r7
(custom)
|
|
| Milesight | TS5510-GH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS5511-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS2966-X12TPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS2966-X12TVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RWE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4WE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | MS-C2964-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2972-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-RFLWPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TGPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC/W |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2867-X5TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2961-X12TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS8266-FPC/P |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5361-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-Cxx66-xxxxGOPC |
Affected:
0 , ≤ 45.8.0.2-AIoT-r4
(custom)
|
|
| Milesight | SC211 |
Affected:
0 , ≤ C_21.1.0.8-r4
(custom)
|
|
| Milesight | SP111 |
Affected:
0 , ≤ 52.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx66-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx66-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-32649",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-28T14:42:25.685037Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T14:42:37.926Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MS-Cxx63-PD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx64-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx73-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx75-xxPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx83-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx74-PA",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "3x.8.0.3-r11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-HPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-PC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "48.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5321-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "62.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx52-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx61-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx67-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx71-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx41-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx76-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx65-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx31-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx68-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-NxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxG",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxT",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PM3322-E",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PI_61.8.0.3_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5511-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RWE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4WE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2964-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2972-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-RFLWPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TGPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC/W",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2867-X5TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2961-X12TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-FPC/P",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5361-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxxGOPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "45.8.0.2-AIoT-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SC211",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "C_21.1.0.8-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SP111",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "52.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Souvik Kandar reported these vulnerabilities to CISA"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan\u003eA command injection vulnerability exists in the web server of specific firmware versions of Milesight cameras.\u003c/span\u003e"
}
],
"value": "A command injection vulnerability exists in the web server of specific firmware versions of Milesight cameras."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-27T23:42:44.761Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-113-03.json"
},
{
"url": "https://www.milesight.com/support/download/firmware"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.milesight.com/support/download/firmware\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/support/download/firmware\u003c/a\u003e\u003c/p\u003e\u003cp\u003eMS-Cxx63-PD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx64-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx73-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx75-xxPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx83-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx74-PA: Update to 3x.8.0.3-r13\u003c/p\u003e\u003cp\u003eMS-C8477-HPG1: Update to 63.8.0.4-r4\u003c/p\u003e\u003cp\u003e\u0026nbsp;MS-C8477-PC: Update to 48.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C5321-FPE: Update to 62.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx76-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx65-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u0026nbsp;\u003c/p\u003e\u003cp\u003eMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003ePMC8266-FPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePMC8266-FGPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePM3322-E: Update to PI_61.8.0.3-r5\u003c/p\u003e\u003cp\u003eTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u0026nbsp;\u003c/p\u003e\u003cp\u003eTS5366-X12RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5510-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5510-GH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5511-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS2966-X12TPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS2966-X12TVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RWE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4WE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C2964-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2972-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TGPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC/W: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2867-X5TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2961-X12TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS8266-FPC/P: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5361-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\u003c/p\u003e\u003cp\u003eSC211: Update to C_21.1.0.8-r5\u003c/p\u003e\u003cp\u003eSP111: Update to 52.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e"
}
],
"value": "Milesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u00a0\n https://www.milesight.com/support/download/firmware \n\nMS-Cxx63-PD: Update to 51.7.0.77-r13\n\nMS-Cxx64-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx73-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx75-xxPD: Update to 51.7.0.77-r13\n\nMS-Cxx83-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx74-PA: Update to 3x.8.0.3-r13\n\nMS-C8477-HPG1: Update to 63.8.0.4-r4\n\n\u00a0MS-C8477-PC: Update to 48.8.0.4-r4\n\nMS-C5321-FPE: Update to 62.8.0.4-r6\n\nMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\n\nMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx76-PE: Update to 61.8.0.5-r2\n\nMS-Cxx65-PE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\n\nMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u00a0\n\nMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\n\nPMC8266-FPE: Update to PO_61.8.0.4-r1\n\nPMC8266-FGPE: Update to PO_61.8.0.4-r1\n\nPM3322-E: Update to PI_61.8.0.3-r5\n\nTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u00a0\n\nTS5366-X12RIPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS5510-GVH: Update to T_47.8.0.4-r8\n\nTS5510-GH: Update to T_47.8.0.4-r8\n\nTS5511-GVH: Update to T_47.8.0.4-r8\n\nTS2966-X12TPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RPE: Update to T_61.8.0.4-r4\n\nTS5366-X12PE: Update to T_61.8.0.4-r4\n\nTS8266-X4PE: Update to T_61.8.0.4-r4\n\nTS2966-X12TVPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RVPE: Update to T_61.8.0.4-r4\n\nTS5366-X12VPE: Update to T_61.8.0.4-r4\n\nTS8266-X4VPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RE: Update to T_61.8.0.4-r4\n\nTS4466-X4RWE: Update to T_61.8.0.4-r4\n\nTS8266-X4WE: Update to T_61.8.0.4-r4\n\nMS-C2964-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2972-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TVPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TGPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC/W: Update to T_45.8.0.3-r10\n\nTS2867-X5TPC: Update to T_45.8.0.3-r10\n\nTS2961-X12TPC: Update to T_45.8.0.3-r10\n\nTS8266-FPC/P: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\n\nMS-C5361-X12LPC: Update to T_45.8.0.3-r10\n\nMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\n\nSC211: Update to C_21.1.0.8-r5\n\nSP111: Update to 52.8.0.4-r6\n\nMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight asks all users to report potential security vulnerabilities to security@milesight.com.\u003cbr\u003e\u003ca href=\"mailto:security@milesight.com\"\u003emailto:security@milesight.com\u003c/a\u003e\u003cbr\u003eLearn more: Milesight Vulnerability Reporting Policy\u003cbr\u003e\u003ca href=\"https://www.milesight.com/legal/vulnerability-report\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/legal/vulnerability-report\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "Milesight asks all users to report potential security vulnerabilities to security@milesight.com.\n mailto:security@milesight.com \nLearn more: Milesight Vulnerability Reporting Policy\n https://www.milesight.com/legal/vulnerability-report"
}
],
"source": {
"advisory": "ICSA-26-113-03",
"discovery": "EXTERNAL"
},
"title": "Milesight Cameras OS Command Injection",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-32649",
"datePublished": "2026-04-27T23:42:44.761Z",
"dateReserved": "2026-03-12T17:51:09.881Z",
"dateUpdated": "2026-04-28T14:42:37.926Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-32644 (GCVE-0-2026-32644)
Vulnerability from cvelistv5 – Published: 2026-04-27 23:40 – Updated: 2026-04-28 14:45
VLAI?
Title
Milesight Cameras Use of Hard-coded Cryptographic Key
Summary
Specific firmware versions of Milesight AIOT cameras use SSL certificates with default private keys.
Severity ?
9.8 (Critical)
CWE
Assigner
References
Impacted products
82 products
| Vendor | Product | Version | |
|---|---|---|---|
| Milesight | MS-Cxx63-PD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx64-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx73-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx75-xxPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx83-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx74-PA |
Affected:
0 , ≤ 3x.8.0.3-r11
(custom)
|
|
| Milesight | MS-C8477-HPG1 |
Affected:
0 , ≤ 63.8.0.4-r3
(custom)
|
|
| Milesight | MS-C8477-PC |
Affected:
0 , ≤ 48.8.0.4-r3
(custom)
|
|
| Milesight | MS-C5321-FPE |
Affected:
0 , ≤ 62.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx72-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx62-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx52-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxGPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx61-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx67-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx71-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx41-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx76-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx65-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx62-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx72-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-CQxx31-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx68-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx72-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-Nxxxx-NxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxC |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxG |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxH |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxT |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | PMC8266-FPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PMC8266-FGPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PM3322-E |
Affected:
0 , ≤ PI_61.8.0.3_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5510-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r7
(custom)
|
|
| Milesight | TS5510-GH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS5511-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS2966-X12TPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS2966-X12TVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RWE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4WE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | MS-C2964-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2972-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-RFLWPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TGPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC/W |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2867-X5TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2961-X12TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS8266-FPC/P |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5361-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-Cxx66-xxxxGOPC |
Affected:
0 , ≤ 45.8.0.2-AIoT-r4
(custom)
|
|
| Milesight | SC211 |
Affected:
0 , ≤ C_21.1.0.8-r4
(custom)
|
|
| Milesight | SP111 |
Affected:
0 , ≤ 52.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx66-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx66-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-32644",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-28T14:45:03.298830Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T14:45:19.107Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MS-Cxx63-PD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx64-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx73-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx75-xxPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx83-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx74-PA",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "3x.8.0.3-r11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-HPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-PC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "48.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5321-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "62.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx52-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx61-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx67-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx71-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx41-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx76-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx65-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx31-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx68-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-NxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxG",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxT",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PM3322-E",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PI_61.8.0.3_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5511-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RWE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4WE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2964-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2972-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-RFLWPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TGPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC/W",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2867-X5TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2961-X12TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-FPC/P",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5361-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxxGOPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "45.8.0.2-AIoT-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SC211",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "C_21.1.0.8-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SP111",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "52.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Souvik Kandar reported these vulnerabilities to CISA"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan\u003eSpecific firmware versions of Milesight AIOT cameras use SSL certificates with default private keys.\u003c/span\u003e"
}
],
"value": "Specific firmware versions of Milesight AIOT cameras use SSL certificates with default private keys."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "CWE-321",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-27T23:40:25.181Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-113-03.json"
},
{
"url": "https://www.milesight.com/support/download/firmware"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.milesight.com/support/download/firmware\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/support/download/firmware\u003c/a\u003e\u003c/p\u003e\u003cp\u003eMS-Cxx63-PD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx64-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx73-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx75-xxPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx83-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx74-PA: Update to 3x.8.0.3-r13\u003c/p\u003e\u003cp\u003eMS-C8477-HPG1: Update to 63.8.0.4-r4\u003c/p\u003e\u003cp\u003e\u0026nbsp;MS-C8477-PC: Update to 48.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C5321-FPE: Update to 62.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx76-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx65-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u0026nbsp;\u003c/p\u003e\u003cp\u003eMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003ePMC8266-FPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePMC8266-FGPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePM3322-E: Update to PI_61.8.0.3-r5\u003c/p\u003e\u003cp\u003eTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u0026nbsp;\u003c/p\u003e\u003cp\u003eTS5366-X12RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5510-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5510-GH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5511-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS2966-X12TPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS2966-X12TVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RWE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4WE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C2964-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2972-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TGPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC/W: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2867-X5TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2961-X12TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS8266-FPC/P: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5361-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\u003c/p\u003e\u003cp\u003eSC211: Update to C_21.1.0.8-r5\u003c/p\u003e\u003cp\u003eSP111: Update to 52.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e"
}
],
"value": "Milesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u00a0\n https://www.milesight.com/support/download/firmware \n\nMS-Cxx63-PD: Update to 51.7.0.77-r13\n\nMS-Cxx64-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx73-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx75-xxPD: Update to 51.7.0.77-r13\n\nMS-Cxx83-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx74-PA: Update to 3x.8.0.3-r13\n\nMS-C8477-HPG1: Update to 63.8.0.4-r4\n\n\u00a0MS-C8477-PC: Update to 48.8.0.4-r4\n\nMS-C5321-FPE: Update to 62.8.0.4-r6\n\nMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\n\nMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx76-PE: Update to 61.8.0.5-r2\n\nMS-Cxx65-PE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\n\nMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u00a0\n\nMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\n\nPMC8266-FPE: Update to PO_61.8.0.4-r1\n\nPMC8266-FGPE: Update to PO_61.8.0.4-r1\n\nPM3322-E: Update to PI_61.8.0.3-r5\n\nTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u00a0\n\nTS5366-X12RIPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS5510-GVH: Update to T_47.8.0.4-r8\n\nTS5510-GH: Update to T_47.8.0.4-r8\n\nTS5511-GVH: Update to T_47.8.0.4-r8\n\nTS2966-X12TPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RPE: Update to T_61.8.0.4-r4\n\nTS5366-X12PE: Update to T_61.8.0.4-r4\n\nTS8266-X4PE: Update to T_61.8.0.4-r4\n\nTS2966-X12TVPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RVPE: Update to T_61.8.0.4-r4\n\nTS5366-X12VPE: Update to T_61.8.0.4-r4\n\nTS8266-X4VPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RE: Update to T_61.8.0.4-r4\n\nTS4466-X4RWE: Update to T_61.8.0.4-r4\n\nTS8266-X4WE: Update to T_61.8.0.4-r4\n\nMS-C2964-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2972-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TVPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TGPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC/W: Update to T_45.8.0.3-r10\n\nTS2867-X5TPC: Update to T_45.8.0.3-r10\n\nTS2961-X12TPC: Update to T_45.8.0.3-r10\n\nTS8266-FPC/P: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\n\nMS-C5361-X12LPC: Update to T_45.8.0.3-r10\n\nMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\n\nSC211: Update to C_21.1.0.8-r5\n\nSP111: Update to 52.8.0.4-r6\n\nMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight asks all users to report potential security vulnerabilities to security@milesight.com.\u003cbr\u003e\u003ca href=\"mailto:security@milesight.com\"\u003emailto:security@milesight.com\u003c/a\u003e\u003cbr\u003eLearn more: Milesight Vulnerability Reporting Policy\u003cbr\u003e\u003ca href=\"https://www.milesight.com/legal/vulnerability-report\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/legal/vulnerability-report\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "Milesight asks all users to report potential security vulnerabilities to security@milesight.com.\n mailto:security@milesight.com \nLearn more: Milesight Vulnerability Reporting Policy\n https://www.milesight.com/legal/vulnerability-report"
}
],
"source": {
"advisory": "ICSA-26-113-03",
"discovery": "EXTERNAL"
},
"title": "Milesight Cameras Use of Hard-coded Cryptographic Key",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-32644",
"datePublished": "2026-04-27T23:40:25.181Z",
"dateReserved": "2026-03-12T17:51:09.896Z",
"dateUpdated": "2026-04-28T14:45:19.107Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-27785 (GCVE-0-2026-27785)
Vulnerability from cvelistv5 – Published: 2026-04-27 23:38 – Updated: 2026-04-28 12:40
VLAI?
Title
Milesight Cameras Use of Hard-coded Credentials
Summary
Specific firmware versions of Milesight AIOT camera firmware contain hard-coded credentials.
Severity ?
CWE
Assigner
References
Impacted products
82 products
| Vendor | Product | Version | |
|---|---|---|---|
| Milesight | MS-Cxx63-PD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx64-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx73-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx75-xxPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx83-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx74-PA |
Affected:
0 , ≤ 3x.8.0.3-r11
(custom)
|
|
| Milesight | MS-C8477-HPG1 |
Affected:
0 , ≤ 63.8.0.4-r3
(custom)
|
|
| Milesight | MS-C8477-PC |
Affected:
0 , ≤ 48.8.0.4-r3
(custom)
|
|
| Milesight | MS-C5321-FPE |
Affected:
0 , ≤ 62.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx72-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx62-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx52-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxGPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx61-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx67-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx71-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx41-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx76-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx65-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx62-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx72-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-CQxx31-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx68-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx72-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-Nxxxx-NxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxC |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxG |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxH |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxT |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | PMC8266-FPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PMC8266-FGPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PM3322-E |
Affected:
0 , ≤ PI_61.8.0.3_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5510-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r7
(custom)
|
|
| Milesight | TS5510-GH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS5511-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS2966-X12TPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS2966-X12TVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RWE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4WE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | MS-C2964-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2972-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-RFLWPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TGPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC/W |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2867-X5TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2961-X12TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS8266-FPC/P |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5361-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-Cxx66-xxxxGOPC |
Affected:
0 , ≤ 45.8.0.2-AIoT-r4
(custom)
|
|
| Milesight | SC211 |
Affected:
0 , ≤ C_21.1.0.8-r4
(custom)
|
|
| Milesight | SP111 |
Affected:
0 , ≤ 52.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx66-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx66-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-27785",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-28T12:40:31.458437Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T12:40:37.832Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MS-Cxx63-PD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx64-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx73-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx75-xxPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx83-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx74-PA",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "3x.8.0.3-r11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-HPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-PC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "48.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5321-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "62.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx52-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx61-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx67-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx71-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx41-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx76-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx65-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx31-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx68-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-NxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxG",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxT",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PM3322-E",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PI_61.8.0.3_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5511-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RWE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4WE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2964-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2972-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-RFLWPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TGPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC/W",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2867-X5TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2961-X12TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-FPC/P",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5361-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxxGOPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "45.8.0.2-AIoT-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SC211",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "C_21.1.0.8-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SP111",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "52.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Souvik Kandar reported these vulnerabilities to CISA"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan\u003eSpecific firmware versions of Milesight AIOT camera firmware contain hard-coded credentials.\u003c/span\u003e"
}
],
"value": "Specific firmware versions of Milesight AIOT camera firmware contain hard-coded credentials."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-27T23:38:10.844Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-113-03.json"
},
{
"url": "https://www.milesight.com/support/download/firmware"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.milesight.com/support/download/firmware\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/support/download/firmware\u003c/a\u003e\u003c/p\u003e\u003cp\u003eMS-Cxx63-PD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx64-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx73-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx75-xxPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx83-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx74-PA: Update to 3x.8.0.3-r13\u003c/p\u003e\u003cp\u003eMS-C8477-HPG1: Update to 63.8.0.4-r4\u003c/p\u003e\u003cp\u003e\u0026nbsp;MS-C8477-PC: Update to 48.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C5321-FPE: Update to 62.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx76-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx65-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u0026nbsp;\u003c/p\u003e\u003cp\u003eMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003ePMC8266-FPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePMC8266-FGPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePM3322-E: Update to PI_61.8.0.3-r5\u003c/p\u003e\u003cp\u003eTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u0026nbsp;\u003c/p\u003e\u003cp\u003eTS5366-X12RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5510-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5510-GH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5511-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS2966-X12TPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS2966-X12TVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RWE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4WE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C2964-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2972-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TGPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC/W: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2867-X5TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2961-X12TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS8266-FPC/P: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5361-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\u003c/p\u003e\u003cp\u003eSC211: Update to C_21.1.0.8-r5\u003c/p\u003e\u003cp\u003eSP111: Update to 52.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e"
}
],
"value": "Milesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u00a0\n https://www.milesight.com/support/download/firmware \n\nMS-Cxx63-PD: Update to 51.7.0.77-r13\n\nMS-Cxx64-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx73-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx75-xxPD: Update to 51.7.0.77-r13\n\nMS-Cxx83-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx74-PA: Update to 3x.8.0.3-r13\n\nMS-C8477-HPG1: Update to 63.8.0.4-r4\n\n\u00a0MS-C8477-PC: Update to 48.8.0.4-r4\n\nMS-C5321-FPE: Update to 62.8.0.4-r6\n\nMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\n\nMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx76-PE: Update to 61.8.0.5-r2\n\nMS-Cxx65-PE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\n\nMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u00a0\n\nMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\n\nPMC8266-FPE: Update to PO_61.8.0.4-r1\n\nPMC8266-FGPE: Update to PO_61.8.0.4-r1\n\nPM3322-E: Update to PI_61.8.0.3-r5\n\nTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u00a0\n\nTS5366-X12RIPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS5510-GVH: Update to T_47.8.0.4-r8\n\nTS5510-GH: Update to T_47.8.0.4-r8\n\nTS5511-GVH: Update to T_47.8.0.4-r8\n\nTS2966-X12TPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RPE: Update to T_61.8.0.4-r4\n\nTS5366-X12PE: Update to T_61.8.0.4-r4\n\nTS8266-X4PE: Update to T_61.8.0.4-r4\n\nTS2966-X12TVPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RVPE: Update to T_61.8.0.4-r4\n\nTS5366-X12VPE: Update to T_61.8.0.4-r4\n\nTS8266-X4VPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RE: Update to T_61.8.0.4-r4\n\nTS4466-X4RWE: Update to T_61.8.0.4-r4\n\nTS8266-X4WE: Update to T_61.8.0.4-r4\n\nMS-C2964-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2972-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TVPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TGPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC/W: Update to T_45.8.0.3-r10\n\nTS2867-X5TPC: Update to T_45.8.0.3-r10\n\nTS2961-X12TPC: Update to T_45.8.0.3-r10\n\nTS8266-FPC/P: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\n\nMS-C5361-X12LPC: Update to T_45.8.0.3-r10\n\nMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\n\nSC211: Update to C_21.1.0.8-r5\n\nSP111: Update to 52.8.0.4-r6\n\nMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight asks all users to report potential security vulnerabilities to security@milesight.com.\u003cbr\u003e\u003ca href=\"mailto:security@milesight.com\"\u003emailto:security@milesight.com\u003c/a\u003e\u003cbr\u003eLearn more: Milesight Vulnerability Reporting Policy\u003cbr\u003e\u003ca href=\"https://www.milesight.com/legal/vulnerability-report\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/legal/vulnerability-report\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "Milesight asks all users to report potential security vulnerabilities to security@milesight.com.\n mailto:security@milesight.com \nLearn more: Milesight Vulnerability Reporting Policy\n https://www.milesight.com/legal/vulnerability-report"
}
],
"source": {
"advisory": "ICSA-26-113-03",
"discovery": "EXTERNAL"
},
"title": "Milesight Cameras Use of Hard-coded Credentials",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-27785",
"datePublished": "2026-04-27T23:38:10.844Z",
"dateReserved": "2026-03-12T17:51:09.903Z",
"dateUpdated": "2026-04-28T12:40:37.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-28747 (GCVE-0-2026-28747)
Vulnerability from cvelistv5 – Published: 2026-04-27 22:44 – Updated: 2026-04-28 14:35
VLAI?
Title
Milesight Cameras Authorization Bypass Through User-Controlled Key
Summary
A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed.
Severity ?
CWE
Assigner
References
Impacted products
82 products
| Vendor | Product | Version | |
|---|---|---|---|
| Milesight | MS-Cxx63-PD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx64-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx73-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx75-xxPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx83-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx74-PA |
Affected:
0 , ≤ 3x.8.0.3-r11
(custom)
|
|
| Milesight | MS-C8477-HPG1 |
Affected:
0 , ≤ 63.8.0.4-r3
(custom)
|
|
| Milesight | MS-C8477-PC |
Affected:
0 , ≤ 48.8.0.4-r3
(custom)
|
|
| Milesight | MS-C5321-FPE |
Affected:
0 , ≤ 62.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx72-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx62-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx52-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxGPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx61-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx67-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx71-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx41-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx76-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx65-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx62-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx72-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-CQxx31-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx68-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx72-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-Nxxxx-NxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxC |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxG |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxH |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxT |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | PMC8266-FPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PMC8266-FGPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PM3322-E |
Affected:
0 , ≤ PI_61.8.0.3_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5510-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r7
(custom)
|
|
| Milesight | TS5510-GH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS5511-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS2966-X12TPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS2966-X12TVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RWE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4WE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | MS-C2964-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2972-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-RFLWPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TGPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC/W |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2867-X5TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2961-X12TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS8266-FPC/P |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5361-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-Cxx66-xxxxGOPC |
Affected:
0 , ≤ 45.8.0.2-AIoT-r4
(custom)
|
|
| Milesight | SC211 |
Affected:
0 , ≤ C_21.1.0.8-r4
(custom)
|
|
| Milesight | SP111 |
Affected:
0 , ≤ 52.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx66-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx66-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-28747",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-28T13:40:48.550832Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T14:35:33.191Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MS-Cxx63-PD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx64-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx73-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx75-xxPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx83-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx74-PA",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "3x.8.0.3-r11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-HPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-PC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "48.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5321-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "62.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx52-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx61-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx67-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx71-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx41-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx76-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx65-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx31-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx68-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-NxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxG",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxT",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PM3322-E",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PI_61.8.0.3_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5511-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RWE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4WE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2964-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2972-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-RFLWPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TGPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC/W",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2867-X5TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2961-X12TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-FPC/P",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5361-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxxGOPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "45.8.0.2-AIoT-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SC211",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "C_21.1.0.8-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SP111",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "52.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Souvik Kandar reported these vulnerabilities to CISA"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed.\u0026nbsp;"
}
],
"value": "A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-27T23:31:53.318Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-113-03.json"
},
{
"url": "https://www.milesight.com/support/download/firmware"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.milesight.com/support/download/firmware\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/support/download/firmware\u003c/a\u003e\u003c/p\u003e\u003cp\u003eMS-Cxx63-PD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx64-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx73-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx75-xxPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx83-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx74-PA: Update to 3x.8.0.3-r13\u003c/p\u003e\u003cp\u003eMS-C8477-HPG1: Update to 63.8.0.4-r4\u003c/p\u003e\u003cp\u003e\u0026nbsp;MS-C8477-PC: Update to 48.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C5321-FPE: Update to 62.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx76-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx65-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u0026nbsp;\u003c/p\u003e\u003cp\u003eMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003ePMC8266-FPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePMC8266-FGPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePM3322-E: Update to PI_61.8.0.3-r5\u003c/p\u003e\u003cp\u003eTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u0026nbsp;\u003c/p\u003e\u003cp\u003eTS5366-X12RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5510-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5510-GH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5511-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS2966-X12TPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS2966-X12TVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RWE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4WE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C2964-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2972-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TGPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC/W: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2867-X5TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2961-X12TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS8266-FPC/P: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5361-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\u003c/p\u003e\u003cp\u003eSC211: Update to C_21.1.0.8-r5\u003c/p\u003e\u003cp\u003eSP111: Update to 52.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e"
}
],
"value": "Milesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u00a0\n https://www.milesight.com/support/download/firmware \n\nMS-Cxx63-PD: Update to 51.7.0.77-r13\n\nMS-Cxx64-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx73-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx75-xxPD: Update to 51.7.0.77-r13\n\nMS-Cxx83-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx74-PA: Update to 3x.8.0.3-r13\n\nMS-C8477-HPG1: Update to 63.8.0.4-r4\n\n\u00a0MS-C8477-PC: Update to 48.8.0.4-r4\n\nMS-C5321-FPE: Update to 62.8.0.4-r6\n\nMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\n\nMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx76-PE: Update to 61.8.0.5-r2\n\nMS-Cxx65-PE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\n\nMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u00a0\n\nMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\n\nPMC8266-FPE: Update to PO_61.8.0.4-r1\n\nPMC8266-FGPE: Update to PO_61.8.0.4-r1\n\nPM3322-E: Update to PI_61.8.0.3-r5\n\nTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u00a0\n\nTS5366-X12RIPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS5510-GVH: Update to T_47.8.0.4-r8\n\nTS5510-GH: Update to T_47.8.0.4-r8\n\nTS5511-GVH: Update to T_47.8.0.4-r8\n\nTS2966-X12TPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RPE: Update to T_61.8.0.4-r4\n\nTS5366-X12PE: Update to T_61.8.0.4-r4\n\nTS8266-X4PE: Update to T_61.8.0.4-r4\n\nTS2966-X12TVPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RVPE: Update to T_61.8.0.4-r4\n\nTS5366-X12VPE: Update to T_61.8.0.4-r4\n\nTS8266-X4VPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RE: Update to T_61.8.0.4-r4\n\nTS4466-X4RWE: Update to T_61.8.0.4-r4\n\nTS8266-X4WE: Update to T_61.8.0.4-r4\n\nMS-C2964-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2972-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TVPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TGPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC/W: Update to T_45.8.0.3-r10\n\nTS2867-X5TPC: Update to T_45.8.0.3-r10\n\nTS2961-X12TPC: Update to T_45.8.0.3-r10\n\nTS8266-FPC/P: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\n\nMS-C5361-X12LPC: Update to T_45.8.0.3-r10\n\nMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\n\nSC211: Update to C_21.1.0.8-r5\n\nSP111: Update to 52.8.0.4-r6\n\nMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight asks all users to report potential security vulnerabilities to security@milesight.com.\u003cbr\u003e\u003ca href=\"mailto:security@milesight.com\"\u003emailto:security@milesight.com\u003c/a\u003e\u003cbr\u003eLearn more: Milesight Vulnerability Reporting Policy\u003cbr\u003e\u003ca href=\"https://www.milesight.com/legal/vulnerability-report\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/legal/vulnerability-report\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "Milesight asks all users to report potential security vulnerabilities to security@milesight.com.\n mailto:security@milesight.com \nLearn more: Milesight Vulnerability Reporting Policy\n https://www.milesight.com/legal/vulnerability-report"
}
],
"source": {
"advisory": "ICSA-26-113-03",
"discovery": "EXTERNAL"
},
"title": "Milesight Cameras Authorization Bypass Through User-Controlled Key",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-28747",
"datePublished": "2026-04-27T22:44:52.012Z",
"dateReserved": "2026-03-12T17:51:09.913Z",
"dateUpdated": "2026-04-28T14:35:33.191Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25775 (GCVE-0-2026-25775)
Vulnerability from cvelistv5 – Published: 2026-04-24 00:06 – Updated: 2026-04-24 12:16
VLAI?
Title
SenseLive X3050 Missing authentication for critical function
Summary
A vulnerability in SenseLive X3050’s remote management service allows firmware retrieval and update operations to be performed without authentication or authorization. The service accepts firmware-related requests from any reachable host and does not verify user privileges, integrity of uploaded images, or the authenticity of provided firmware.
Severity ?
9.8 (Critical)
CWE
- CWE-306 - Missing authentication for critical function
Assigner
References
Date Public ?
2026-04-21 16:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25775",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-24T12:16:12.459353Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-24T12:16:24.207Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "X3050",
"vendor": "SenseLive",
"versions": [
{
"status": "affected",
"version": "V1.523"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jithin Nambiar J reported these vulnerabilities to CISA."
}
],
"datePublic": "2026-04-21T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability in\u0026nbsp;SenseLive\u0026nbsp;X3050\u2019s remote management service allows firmware retrieval and update operations to be performed without authentication or authorization. The service accepts firmware-related requests from any reachable host and does not verify user privileges, integrity of uploaded images, or the authenticity of provided firmware."
}
],
"value": "A vulnerability in\u00a0SenseLive\u00a0X3050\u2019s remote management service allows firmware retrieval and update operations to be performed without authentication or authorization. The service accepts firmware-related requests from any reachable host and does not verify user privileges, integrity of uploaded images, or the authenticity of provided firmware."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing authentication for critical function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-24T00:06:16.965Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://senselive.io/contact"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-12"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-111-12.json"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SenseLive did not respond to CISA\u0027s requests to coordinate. Affected users are encouraged to reach out to SenseLive for more information. https://senselive.io/contact\u0026nbsp;"
}
],
"value": "SenseLive did not respond to CISA\u0027s requests to coordinate. Affected users are encouraged to reach out to SenseLive for more information. https://senselive.io/contact"
}
],
"source": {
"advisory": "ICSA-26-111-12",
"discovery": "EXTERNAL"
},
"title": "SenseLive X3050 Missing authentication for critical function",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-25775",
"datePublished": "2026-04-24T00:06:16.965Z",
"dateReserved": "2026-04-14T15:57:15.003Z",
"dateUpdated": "2026-04-24T12:16:24.207Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-35064 (GCVE-0-2026-35064)
Vulnerability from cvelistv5 – Published: 2026-04-24 00:04 – Updated: 2026-04-24 13:09
VLAI?
Title
SenseLive X3050 Missing authentication for critical function
Summary
A vulnerability in SenseLive X3050’s management ecosystem allows unauthenticated discovery of deployed units through the vendor’s management protocol, enabling identification of device presence, identifiers, and management interfaces without requiring credentials. Because discovery functions are exposed by the underlying service rather than gated by authentication, an attacker on the same network segment can rapidly enumerate targeted devices.
Severity ?
CWE
- CWE-306 - Missing authentication for critical function
Assigner
References
Date Public ?
2026-04-21 16:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-35064",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-24T13:09:03.510590Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-24T13:09:10.289Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "X3050",
"vendor": "SenseLive",
"versions": [
{
"status": "affected",
"version": "V1.523"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jithin Nambiar J reported these vulnerabilities to CISA."
}
],
"datePublic": "2026-04-21T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability in\u0026nbsp;SenseLive\u0026nbsp;X3050\u2019s management ecosystem allows unauthenticated discovery of deployed units through the vendor\u2019s management protocol, enabling identification of device presence, identifiers, and management interfaces without requiring credentials. Because discovery functions are exposed by the underlying service rather than gated by authentication, an attacker on the same network segment can rapidly enumerate targeted devices."
}
],
"value": "A vulnerability in\u00a0SenseLive\u00a0X3050\u2019s management ecosystem allows unauthenticated discovery of deployed units through the vendor\u2019s management protocol, enabling identification of device presence, identifiers, and management interfaces without requiring credentials. Because discovery functions are exposed by the underlying service rather than gated by authentication, an attacker on the same network segment can rapidly enumerate targeted devices."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing authentication for critical function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-24T00:04:30.693Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://senselive.io/contact"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-12"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-111-12.json"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SenseLive did not respond to CISA\u0027s requests to coordinate. Affected users are encouraged to reach out to SenseLive for more information. https://senselive.io/contact\u0026nbsp;"
}
],
"value": "SenseLive did not respond to CISA\u0027s requests to coordinate. Affected users are encouraged to reach out to SenseLive for more information. https://senselive.io/contact"
}
],
"source": {
"advisory": "ICSA-26-111-12",
"discovery": "EXTERNAL"
},
"title": "SenseLive X3050 Missing authentication for critical function",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-35064",
"datePublished": "2026-04-24T00:04:30.693Z",
"dateReserved": "2026-04-14T15:57:14.994Z",
"dateUpdated": "2026-04-24T13:09:10.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-40620 (GCVE-0-2026-40620)
Vulnerability from cvelistv5 – Published: 2026-04-24 00:02 – Updated: 2026-04-24 13:09
VLAI?
Title
SenseLive X3050 Missing authentication for critical function
Summary
A vulnerability in SenseLive X3050’s embedded management service allows full administrative control to be established without any form of authentication or authorization on the SenseLive config application. The service accepts management connections from any reachable host, enabling unrestricted modification of critical configuration parameters, operational modes, and device state through a vendor-supplied or compatible client.
Severity ?
9.8 (Critical)
CWE
- CWE-306 - Missing authentication for critical function
Assigner
References
Date Public ?
2026-04-21 16:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-40620",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-24T13:09:30.566885Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-24T13:09:37.232Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "X3050",
"vendor": "SenseLive",
"versions": [
{
"status": "affected",
"version": "V1.523"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jithin Nambiar J reported these vulnerabilities to CISA."
}
],
"datePublic": "2026-04-21T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability in\u0026nbsp;SenseLive\u0026nbsp;X3050\u2019s embedded management service allows full administrative control to be established without any form of authentication or authorization on the SenseLive config application. The service accepts management connections from any reachable host, enabling unrestricted modification of critical configuration parameters, operational modes, and device state through a vendor-supplied or compatible client."
}
],
"value": "A vulnerability in\u00a0SenseLive\u00a0X3050\u2019s embedded management service allows full administrative control to be established without any form of authentication or authorization on the SenseLive config application. The service accepts management connections from any reachable host, enabling unrestricted modification of critical configuration parameters, operational modes, and device state through a vendor-supplied or compatible client."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing authentication for critical function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-24T00:02:57.571Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://senselive.io/contact"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-12"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-111-12.json"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SenseLive did not respond to CISA\u0027s requests to coordinate. Affected users are encouraged to reach out to SenseLive for more information. https://senselive.io/contact\u0026nbsp;"
}
],
"value": "SenseLive did not respond to CISA\u0027s requests to coordinate. Affected users are encouraged to reach out to SenseLive for more information. https://senselive.io/contact"
}
],
"source": {
"advisory": "ICSA-26-111-12",
"discovery": "EXTERNAL"
},
"title": "SenseLive X3050 Missing authentication for critical function",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-40620",
"datePublished": "2026-04-24T00:02:57.571Z",
"dateReserved": "2026-04-14T15:57:14.990Z",
"dateUpdated": "2026-04-24T13:09:37.232Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-27841 (GCVE-0-2026-27841)
Vulnerability from cvelistv5 – Published: 2026-04-24 00:00 – Updated: 2026-04-24 18:18
VLAI?
Title
SenseLive X3050 Cross-Site request forgery
Summary
A vulnerability in SenseLive X3050's web management interface allows state-changing operations to be triggered without proper Cross-Site Request Forgery (CSRF) protections. Because the application does not enforce server-side validation of request origin or implement CSRF tokens, a malicious external webpage could cause a user's browser to submit unauthorized configuration requests to the device.
Severity ?
CWE
- CWE-352 - Cross-Site request forgery (CSRF)
Assigner
References
Date Public ?
2026-04-21 16:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-27841",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-24T16:49:45.649408Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-24T18:18:30.759Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "X3050",
"vendor": "SenseLive",
"versions": [
{
"status": "affected",
"version": "V1.523"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jithin Nambiar J reported these vulnerabilities to CISA."
}
],
"datePublic": "2026-04-21T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability in\u0026nbsp;SenseLive\u0026nbsp;X3050\u0027s web management interface allows state-changing operations to be triggered without proper Cross-Site Request Forgery (CSRF) protections. Because the application does not enforce server-side validation of request origin or implement CSRF tokens, a malicious external webpage could cause a user\u0027s browser to submit unauthorized configuration requests to the device."
}
],
"value": "A vulnerability in\u00a0SenseLive\u00a0X3050\u0027s web management interface allows state-changing operations to be triggered without proper Cross-Site Request Forgery (CSRF) protections. Because the application does not enforce server-side validation of request origin or implement CSRF tokens, a malicious external webpage could cause a user\u0027s browser to submit unauthorized configuration requests to the device."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site request forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-24T00:00:57.349Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://senselive.io/contact"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-12"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-111-12.json"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SenseLive did not respond to CISA\u0027s requests to coordinate. Affected users are encouraged to reach out to SenseLive for more information. https://senselive.io/contact\u0026nbsp;"
}
],
"value": "SenseLive did not respond to CISA\u0027s requests to coordinate. Affected users are encouraged to reach out to SenseLive for more information. https://senselive.io/contact"
}
],
"source": {
"advisory": "ICSA-26-111-12",
"discovery": "EXTERNAL"
},
"title": "SenseLive X3050 Cross-Site request forgery",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-27841",
"datePublished": "2026-04-24T00:00:57.349Z",
"dateReserved": "2026-04-14T15:57:14.980Z",
"dateUpdated": "2026-04-24T18:18:30.759Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-40623 (GCVE-0-2026-40623)
Vulnerability from cvelistv5 – Published: 2026-04-23 23:58 – Updated: 2026-04-24 18:18
VLAI?
Title
SenseLive X3050 Missing Authorization
Summary
A vulnerability in SenseLive X3050's web management interface allows critical system and network configuration parameters to be modified without sufficient validation and safety controls. Due to inadequate enforcement of constraints on sensitive functions, parameters such as IP addressing, watchdog timers, reconnect intervals, and service ports can be set to unsupported or unsafe values. These configuration changes directly affect core device behaviour and recovery mechanisms. The lack of proper validation and safeguards allows critical system functions to be altered in a manner that can destabilize device operation or render the device persistently unavailable.
Severity ?
CWE
- CWE-862 - Missing Authorization
Assigner
References
Date Public ?
2026-04-21 16:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-40623",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-24T17:05:39.233646Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-24T18:18:37.202Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "X3050",
"vendor": "SenseLive",
"versions": [
{
"status": "affected",
"version": "V1.523"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jithin Nambiar J reported these vulnerabilities to CISA."
}
],
"datePublic": "2026-04-21T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability in\u0026nbsp;SenseLive\u0026nbsp;X3050\u0027s web management interface allows critical system and network configuration parameters to be modified without sufficient validation and safety controls. Due to inadequate enforcement of constraints on sensitive functions, parameters such as IP addressing, watchdog timers, reconnect intervals, and service ports can be set to unsupported or unsafe values. These configuration changes directly affect core device behaviour and recovery mechanisms. The lack of proper validation and safeguards allows critical system functions to be altered in a manner that can destabilize device operation or render the device persistently unavailable."
}
],
"value": "A vulnerability in\u00a0SenseLive\u00a0X3050\u0027s web management interface allows critical system and network configuration parameters to be modified without sufficient validation and safety controls. Due to inadequate enforcement of constraints on sensitive functions, parameters such as IP addressing, watchdog timers, reconnect intervals, and service ports can be set to unsupported or unsafe values. These configuration changes directly affect core device behaviour and recovery mechanisms. The lack of proper validation and safeguards allows critical system functions to be altered in a manner that can destabilize device operation or render the device persistently unavailable."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-23T23:58:47.343Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://senselive.io/contact"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-12"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-111-12.json"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SenseLive did not respond to CISA\u0027s requests to coordinate. Affected users are encouraged to reach out to SenseLive for more information. https://senselive.io/contact\u0026nbsp;"
}
],
"value": "SenseLive did not respond to CISA\u0027s requests to coordinate. Affected users are encouraged to reach out to SenseLive for more information. https://senselive.io/contact"
}
],
"source": {
"advisory": "ICSA-26-111-12",
"discovery": "EXTERNAL"
},
"title": "SenseLive X3050 Missing Authorization",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-40623",
"datePublished": "2026-04-23T23:58:47.343Z",
"dateReserved": "2026-04-14T15:57:14.970Z",
"dateUpdated": "2026-04-24T18:18:37.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-40431 (GCVE-0-2026-40431)
Vulnerability from cvelistv5 – Published: 2026-04-23 23:56 – Updated: 2026-04-24 18:18
VLAI?
Title
SenseLive X3050 Cleartext transmission of sensitive information
Summary
A vulnerability exists in SenseLive X3050’s web management interface due to its reliance on unencrypted HTTP for all administrative communication. Because management traffic, including authentication attempts and configuration data, is transmitted in cleartext, an attacker with access to the same network segment could intercept or observe sensitive operational information.
Severity ?
5.3 (Medium)
CWE
- CWE-319 - Cleartext transmission of sensitive information
Assigner
References
Date Public ?
2026-04-21 16:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-40431",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-24T16:49:38.101024Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-24T18:18:43.495Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "X3050",
"vendor": "SenseLive",
"versions": [
{
"status": "affected",
"version": "V1.523"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jithin Nambiar J reported these vulnerabilities to CISA."
}
],
"datePublic": "2026-04-21T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability exists in\u0026nbsp;SenseLive\u0026nbsp;X3050\u2019s web management interface due to its reliance on unencrypted HTTP for all administrative communication. Because management traffic, including authentication attempts and configuration data, is transmitted in cleartext, an attacker with access to the same network segment could intercept or observe sensitive operational information."
}
],
"value": "A vulnerability exists in\u00a0SenseLive\u00a0X3050\u2019s web management interface due to its reliance on unencrypted HTTP for all administrative communication. Because management traffic, including authentication attempts and configuration data, is transmitted in cleartext, an attacker with access to the same network segment could intercept or observe sensitive operational information."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext transmission of sensitive information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-23T23:56:49.967Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://senselive.io/contact"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-12"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-111-12.json"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SenseLive did not respond to CISA\u0027s requests to coordinate. Affected users are encouraged to reach out to SenseLive for more information. https://senselive.io/contact\u0026nbsp;"
}
],
"value": "SenseLive did not respond to CISA\u0027s requests to coordinate. Affected users are encouraged to reach out to SenseLive for more information. https://senselive.io/contact"
}
],
"source": {
"advisory": "ICSA-26-111-12",
"discovery": "EXTERNAL"
},
"title": "SenseLive X3050 Cleartext transmission of sensitive information",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-40431",
"datePublished": "2026-04-23T23:56:49.967Z",
"dateReserved": "2026-04-14T15:57:14.948Z",
"dateUpdated": "2026-04-24T18:18:43.495Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-27843 (GCVE-0-2026-27843)
Vulnerability from cvelistv5 – Published: 2026-04-23 23:54 – Updated: 2026-04-24 13:10
VLAI?
Title
SenseLive X3050 Missing authentication for critical function
Summary
A vulnerability exists in SenseLive X3050's web management interface that allows critical configuration parameters to be modified without sufficient authentication or server-side validation. By applying unsupported or disruptive values to recovery mechanisms and network settings, an attacker can induce a persistent lockout state. Because the device lacks a physical reset button, recovery requires specialized technical access via the console to perform a factory reset, resulting in a total denial-of-service for the gateway and its connected RS-485 downstream systems.
Severity ?
9.1 (Critical)
CWE
- CWE-306 - Missing authentication for critical function
Assigner
References
Date Public ?
2026-04-21 16:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-27843",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-24T13:10:32.973864Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-24T13:10:40.862Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "X3050",
"vendor": "SenseLive",
"versions": [
{
"status": "affected",
"version": "V1.523"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jithin Nambiar J reported these vulnerabilities to CISA."
}
],
"datePublic": "2026-04-21T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability exists in\u0026nbsp;SenseLive X3050\u0027s web management interface that allows critical configuration parameters to be modified without sufficient authentication or server-side validation. By applying unsupported or disruptive values to recovery mechanisms and network settings, an attacker can induce a persistent lockout state. Because the device lacks a physical reset button, recovery requires specialized technical access via the console to perform a factory reset, resulting in a total denial-of-service for the gateway and its connected RS-485 downstream systems."
}
],
"value": "A vulnerability exists in\u00a0SenseLive X3050\u0027s web management interface that allows critical configuration parameters to be modified without sufficient authentication or server-side validation. By applying unsupported or disruptive values to recovery mechanisms and network settings, an attacker can induce a persistent lockout state. Because the device lacks a physical reset button, recovery requires specialized technical access via the console to perform a factory reset, resulting in a total denial-of-service for the gateway and its connected RS-485 downstream systems."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing authentication for critical function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-23T23:54:55.051Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://senselive.io/contact"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-12"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-111-12.json"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SenseLive did not respond to CISA\u0027s requests to coordinate. Affected users are encouraged to reach out to SenseLive for more information. https://senselive.io/contact\u0026nbsp;"
}
],
"value": "SenseLive did not respond to CISA\u0027s requests to coordinate. Affected users are encouraged to reach out to SenseLive for more information. https://senselive.io/contact"
}
],
"source": {
"advisory": "ICSA-26-111-12",
"discovery": "EXTERNAL"
},
"title": "SenseLive X3050 Missing authentication for critical function",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-27843",
"datePublished": "2026-04-23T23:54:55.051Z",
"dateReserved": "2026-04-14T16:05:54.167Z",
"dateUpdated": "2026-04-24T13:10:40.862Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-39462 (GCVE-0-2026-39462)
Vulnerability from cvelistv5 – Published: 2026-04-23 23:52 – Updated: 2026-04-24 18:18
VLAI?
Title
SenseLive X3050 Insufficiently Protected Credentials
Summary
A vulnerability exists in SenseLive X3050’s web management interface in which password updates are not reliably applied due to improper handling of credential changes on the backend. After the device undergoes a factory restore using the SenseLive Config 2.0 tool, the interface may indicate that the password update was successful; however, the system may continue to accept the previous or default credentials, demonstrating that the password-change process is not consistently enforced. Even after a factory reset, attempted password changes may fail to propagate correctly.
Severity ?
8.1 (High)
CWE
- CWE-522 - Insufficiently Protected Credentials
Assigner
References
Date Public ?
2026-04-21 16:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-39462",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-24T16:48:32.907201Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-24T18:18:50.532Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "X3050",
"vendor": "SenseLive",
"versions": [
{
"status": "affected",
"version": "V1.523"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jithin Nambiar J reported these vulnerabilities to CISA."
}
],
"datePublic": "2026-04-21T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability exists in\u0026nbsp;SenseLive X3050\u2019s web management interface in which password updates are not reliably applied due to improper handling of credential changes on the backend. After the device undergoes a factory restore using the SenseLive Config 2.0 tool, the interface may indicate that the password update was successful; however, the system may continue to accept the previous or default credentials, demonstrating that the password-change process is not consistently enforced. Even after a factory reset, attempted password changes may fail to propagate correctly."
}
],
"value": "A vulnerability exists in\u00a0SenseLive X3050\u2019s web management interface in which password updates are not reliably applied due to improper handling of credential changes on the backend. After the device undergoes a factory restore using the SenseLive Config 2.0 tool, the interface may indicate that the password update was successful; however, the system may continue to accept the previous or default credentials, demonstrating that the password-change process is not consistently enforced. Even after a factory reset, attempted password changes may fail to propagate correctly."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522 Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-23T23:52:16.129Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-12"
},
{
"url": "https://senselive.io/contact"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-111-12.json"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SenseLive did not respond to CISA\u0027s requests to coordinate. Affected users are encouraged to reach out to SenseLive for more information. https://senselive.io/contact\u0026nbsp;"
}
],
"value": "SenseLive did not respond to CISA\u0027s requests to coordinate. Affected users are encouraged to reach out to SenseLive for more information. https://senselive.io/contact"
}
],
"source": {
"advisory": "ICSA-26-111-12",
"discovery": "EXTERNAL"
},
"title": "SenseLive X3050 Insufficiently Protected Credentials",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-39462",
"datePublished": "2026-04-23T23:52:16.129Z",
"dateReserved": "2026-04-14T16:05:54.161Z",
"dateUpdated": "2026-04-24T18:18:50.532Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-35503 (GCVE-0-2026-35503)
Vulnerability from cvelistv5 – Published: 2026-04-23 23:50 – Updated: 2026-04-24 13:51
VLAI?
Title
SenseLive X3050 Use of Hard-coded Credentials
Summary
A vulnerability in SenseLive X3050’s web management interface allows authentication logic to be performed entirely on the client side, relying on hardcoded values within browser-executed scripts rather than server-side verification. An attacker with access to the login page could retrieve these exposed parameters and gain unauthorized access to administrative functionality.
Severity ?
9.8 (Critical)
CWE
- CWE-798 - Use of Hard-coded Credentials
Assigner
References
Date Public ?
2026-04-21 16:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-35503",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-24T13:51:31.188310Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-24T13:51:40.131Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "X3050",
"vendor": "SenseLive",
"versions": [
{
"status": "affected",
"version": "V1.523"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jithin Nambiar J reported these vulnerabilities to CISA."
}
],
"datePublic": "2026-04-21T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability in\u0026nbsp;SenseLive X3050\u2019s web management interface allows authentication logic to be performed entirely on the client side, relying on hardcoded values within browser-executed scripts rather than server-side verification. An attacker with access to the login page could retrieve these exposed parameters and gain unauthorized access to administrative functionality."
}
],
"value": "A vulnerability in\u00a0SenseLive X3050\u2019s web management interface allows authentication logic to be performed entirely on the client side, relying on hardcoded values within browser-executed scripts rather than server-side verification. An attacker with access to the login page could retrieve these exposed parameters and gain unauthorized access to administrative functionality."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-23T23:50:03.513Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://senselive.io/contact"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-12"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-111-12.json"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SenseLive did not respond to CISA\u0027s requests to coordinate. Affected users are encouraged to reach out to SenseLive for more information. https://senselive.io/contact\u0026nbsp;"
}
],
"value": "SenseLive did not respond to CISA\u0027s requests to coordinate. Affected users are encouraged to reach out to SenseLive for more information. https://senselive.io/contact"
}
],
"source": {
"advisory": "ICSA-26-111-12",
"discovery": "EXTERNAL"
},
"title": "SenseLive X3050 Use of Hard-coded Credentials",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-35503",
"datePublished": "2026-04-23T23:50:03.513Z",
"dateReserved": "2026-04-14T16:05:54.153Z",
"dateUpdated": "2026-04-24T13:51:40.131Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}