CVE-2026-32683
Summary
| CVE | CVE-2026-32683 |
|---|---|
| State | PUBLISHED |
| Assigner | hikvision |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-05-09 09:16:08 UTC |
| Updated | 2026-05-09 09:16:08 UTC |
| Description | Some EZVIZ products utilize older versions of cloud feature modules with legacy API interfaces, which pose a data transmission risk. Attackers can exploit this by eavesdropping on network requests to obtain data.Users are advised to upgrade the app to the latest version and enable the video encryption feature. |
Risk And Classification
Primary CVSS: v3.1 5.3 MEDIUM from [email protected]
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.1 | [email protected] | Secondary | 5.3 | MEDIUM | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
| 3.1 | CNA | CVSS | 5.3 | MEDIUM | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
CVSS v3.1 Breakdown
Attack Vector
AdjacentAttack Complexity
HighPrivileges Required
NoneUser Interaction
NoneScope
UnchangedConfidentiality
HighIntegrity
NoneAvailability
NoneCVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabi... | [email protected] | www.hikvision.com | |
| www.ezviz.com/inter/trust-center/security/security-notice/2026.05.08 | [email protected] | www.ezviz.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
CNA: Cisco Talos (en)
There are currently no legacy QID mappings associated with this CVE.