CVE-2026-28747

A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed.

Published Date :

Last Modified :

Source :

The following products are affected by CVE-2026-28747 vulnerability.

Vendors	Products
Milesight	Ms-c2964-rflpc Ms-c2966-rflwpc Ms-c2966-x12rlpc Ms-c2966-x12rlvpc Ms-c2972-rflpc Ms-c5321-fpe Ms-c5361-x12lpc Ms-c5366-x12lpc Ms-c5366-x12lvpc Ms-c8477-hpg1 Ms-c8477-pc Ms-cqxx31-xxxg1 Ms-cqxx68-xxxg1 Ms-cqxx72-xxxg1 Ms-cxx41-xxxpe Ms-cxx52-xxxpe Ms-cxx61-xxxpe Ms-cxx62-xxxg1 Ms-cxx62-xxxpe Ms-cxx63-pd Ms-cxx64-xpd Ms-cxx65-pe Ms-cxx66-fipkg1 Ms-cxx66-rfipkg1 Ms-cxx66-xxxg1 Ms-cxx66-xxxgpe Ms-cxx66-xxxpe Ms-cxx66-xxxxgopc Ms-cxx67-xxxpe Ms-cxx71-xxxpe Ms-cxx72-fipkg1 Ms-cxx72-rfipkg1 Ms-cxx72-xxxg1 Ms-cxx72-xxxpe Ms-cxx73-xpd Ms-cxx74-pa Ms-cxx75-xxpd Ms-cxx76-pe Ms-cxx83-xpd Ms-nxxxx-nxe Ms-nxxxx-xxc Ms-nxxxx-xxe Ms-nxxxx-xxg Ms-nxxxx-xxh Ms-nxxxx-xxt Pm3322-e Pmc8266-fgpe Pmc8266-fpe Sc211 Sp111 Ts2841-x36tpc Ts2841-x36tpc/w Ts2866-x4tgpc Ts2866-x4tpc Ts2866-x4tvpc Ts2867-x5tpc Ts2961-x12tpc Ts2966-x12tpe Ts2966-x12tvpe Ts4441-x36re Ts4441-x36rpe Ts4466-rfivpg1 Ts4466-x4ripg1 Ts4466-x4rivpg1 Ts4466-x4riwg1 Ts4466-x4rpe Ts4466-x4rvpe Ts4466-x4rwe Ts5366-x12pe Ts5366-x12ripg1 Ts5366-x12vpe Ts5510-gh Ts5510-gvh Ts5511-gvh Ts8266-fpc/p Ts8266-rfivpg1 Ts8266-x4pe Ts8266-x4ripg1 Ts8266-x4rivpg1 Ts8266-x4riwg1 Ts8266-x4vpe Ts8266-x4we

Vendors

Products

Milesight

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-28747.

URL	Resource
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-113-03.json
https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03
https://www.milesight.com/support/download/firmware

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact