CVE-2026-32965 | THREATINT

Description

Initialization of a resource with an insecure default vulnerability exists in SD-330AC and AMC Manager provided by silex technology, Inc. When the affected device is connected to the network with the initial (factory-default) configuration, the device can be configured with the null string password.

PUBLISHED Reserved 2026-03-17 | Published 2026-04-20 | Updated 2026-04-20 | Assigner jpcert

HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

HIGH: 8.7CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Problem types

Initialization of a resource with an insecure default

Product status

Ver.1.42 and earlier

affected

Ver.5.0.2 and earlier

affected

References

www.silex.jp/support/security-advisories/en/2026-001

www.silex.jp/support/security-advisories/2026-001

jvn.jp/en/vu/JVNVU94271449/

cve.org (CVE-2026-32965)

nvd.nist.gov (CVE-2026-32965)

Download JSON