CVE-2026-32644

Description

Specific firmware versions of Milesight AIOT cameras use SSL certificates with default private keys.

PUBLISHED Reserved 2026-03-12 | Published 2026-04-27 | Updated 2026-04-28 | Assigner icscert

Problem types

CWE-321

Product status

Credits

Souvik Kandar reported these vulnerabilities to CISA finder

References

www.cisa.gov/news-events/ics-advisories/icsa-26-113-03

github.com/...p/csaf_files/OT/white/2026/icsa-26-113-03.json

www.milesight.com/support/download/firmware

cve.org (CVE-2026-32644)

nvd.nist.gov (CVE-2026-32644)

Download JSON