CVE-2026-29114: CWE-538 Insertion of sensitive information into Externally-Accessible file or directory in Dahua IPC
A vulnerability has been found in some Dahua products. An attacker may obtain the device’s CA root certificate. If that CA is installed and trusted on client systems, the attacker could issue fraudulent certificates trusted by those clients and undermine the certificate trust chain.
AI Analysis
Technical Summary
CVE-2026-29114 is a CWE-538 vulnerability in certain Dahua IPC devices that results in the insertion of sensitive information—specifically the device's CA root certificate—into an externally accessible file or directory. This exposure allows an attacker to obtain the CA root certificate. If client systems have this CA installed and trusted, the attacker could issue fraudulent certificates that these clients would trust, thereby compromising the certificate trust chain. The vulnerability affects IPC models built before April 15, 2026. There is no vendor advisory or patch available at this time.
Potential Impact
An attacker who obtains the device's CA root certificate can issue fraudulent certificates trusted by client systems that have the CA installed. This undermines the trust model of certificates and could facilitate man-in-the-middle or impersonation attacks against clients trusting this CA. However, the overall severity is low, and no known exploits have been reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, consider restricting access to the device's file system and avoid installing the device's CA root certificate on client systems unless absolutely necessary.
CVE-2026-29114: CWE-538 Insertion of sensitive information into Externally-Accessible file or directory in Dahua IPC
Description
A vulnerability has been found in some Dahua products. An attacker may obtain the device’s CA root certificate. If that CA is installed and trusted on client systems, the attacker could issue fraudulent certificates trusted by those clients and undermine the certificate trust chain.
CVSS v4.0
Score 2.3low
Affected software
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-29114 is a CWE-538 vulnerability in certain Dahua IPC devices that results in the insertion of sensitive information—specifically the device's CA root certificate—into an externally accessible file or directory. This exposure allows an attacker to obtain the CA root certificate. If client systems have this CA installed and trusted, the attacker could issue fraudulent certificates that these clients would trust, thereby compromising the certificate trust chain. The vulnerability affects IPC models built before April 15, 2026. There is no vendor advisory or patch available at this time.
Potential Impact
An attacker who obtains the device's CA root certificate can issue fraudulent certificates trusted by client systems that have the CA installed. This undermines the trust model of certificates and could facilitate man-in-the-middle or impersonation attacks against clients trusting this CA. However, the overall severity is low, and no known exploits have been reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, consider restricting access to the device's file system and avoid installing the device's CA root certificate on client systems unless absolutely necessary.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- dahua
- Date Reserved
- 2026-03-04T03:32:28.880Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a2907048dd33fbd85fa869c
Added to database: 6/10/2026, 6:41:08 AM
Last enriched: 6/10/2026, 6:56:08 AM
Last updated: 6/10/2026, 2:59:52 PM
Views: 10
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.