CVE-2026-32644: CWE-321 in Milesight MS-Cxx63-PD
Certain firmware versions of the Milesight MS-Cxx63-PD AIOT cameras use SSL certificates that rely on default private keys. This vulnerability, identified as CWE-321, exposes the devices to potential compromise of encrypted communications. The CVSS 4.0 score of 9.2 indicates a critical severity due to network attack vector, low attack complexity, and no required privileges or user interaction. No official patch or remediation guidance is currently available from the vendor. There are no known exploits in the wild at this time.
AI Analysis
Technical Summary
CVE-2026-32644 affects specific firmware versions of the Milesight MS-Cxx63-PD AIOT cameras by using SSL certificates with default private keys. This cryptographic weakness (CWE-321) undermines the security of SSL/TLS communications, potentially allowing attackers to decrypt or impersonate the device's encrypted traffic. The vulnerability has a critical CVSS 4.0 base score of 9.2, reflecting its high impact and ease of exploitation over the network without privileges or user interaction. No patch or official remediation level has been published, and no exploits are currently known in the wild.
Potential Impact
The use of default private keys in SSL certificates compromises the confidentiality and integrity of communications with the affected cameras. Attackers could potentially decrypt intercepted traffic or perform man-in-the-middle attacks, leading to unauthorized access or data exposure. Given the critical CVSS score and network attack vector, this vulnerability poses a significant risk to environments deploying these devices.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, consider limiting network exposure of affected devices and monitoring for unusual activity. Avoid deploying affected firmware versions where possible and follow vendor communications for updates.
CVE-2026-32644: CWE-321 in Milesight MS-Cxx63-PD
Description
Certain firmware versions of the Milesight MS-Cxx63-PD AIOT cameras use SSL certificates that rely on default private keys. This vulnerability, identified as CWE-321, exposes the devices to potential compromise of encrypted communications. The CVSS 4.0 score of 9.2 indicates a critical severity due to network attack vector, low attack complexity, and no required privileges or user interaction. No official patch or remediation guidance is currently available from the vendor. There are no known exploits in the wild at this time.
CVSS v4.0
Score 9.2critical
Affected software
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-32644 affects specific firmware versions of the Milesight MS-Cxx63-PD AIOT cameras by using SSL certificates with default private keys. This cryptographic weakness (CWE-321) undermines the security of SSL/TLS communications, potentially allowing attackers to decrypt or impersonate the device's encrypted traffic. The vulnerability has a critical CVSS 4.0 base score of 9.2, reflecting its high impact and ease of exploitation over the network without privileges or user interaction. No patch or official remediation level has been published, and no exploits are currently known in the wild.
Potential Impact
The use of default private keys in SSL certificates compromises the confidentiality and integrity of communications with the affected cameras. Attackers could potentially decrypt intercepted traffic or perform man-in-the-middle attacks, leading to unauthorized access or data exposure. Given the critical CVSS score and network attack vector, this vulnerability poses a significant risk to environments deploying these devices.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, consider limiting network exposure of affected devices and monitoring for unusual activity. Avoid deploying affected firmware versions where possible and follow vendor communications for updates.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- icscert
- Date Reserved
- 2026-03-12T17:51:09.896Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69f008add3d5ab9102728411
Added to database: 4/28/2026, 1:09:01 AM
Last enriched: 5/5/2026, 7:33:12 AM
Last updated: 6/12/2026, 12:20:42 PM
Views: 111
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.