CVE-2026-32683

EUVD-2026-28907
Some EZVIZ products utilize older versions of cloud feature modules with legacy API interfaces, which pose a data transmission risk. Attackers can exploit this by eavesdropping on network requests to obtain data.Users are advised to upgrade the app to the latest version and enable the video encryption feature.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.3 MEDIUM
ADJACENT_NETWORK
HIGH
NONE
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
References
https://www.ezviz.com/inter/trust-center/security/security-notice/2026.05.08
https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-cloud-function-modules-of-some-hikvisi/