CISA 2026-04-23

Milesight Cameras

Machine-generated analysis · WAYSCloud LLM

Five CVEs affect multiple Milesight camera models with the same firmware versions. The advisory does not specify patch availability or mitigation details.

Context

The affected products are Milesight security cameras across multiple series and models. The advisory states that successful exploitation could crash the device or allow remote code execution. Worth noting that the same set of five CVEs appears across all listed models with identical or similar firmware version constraints.

Operator considerations

Check: Inventory all Milesight cameras and verify firmware versions against the listed affected ranges.
Isolate: Segment camera networks to restrict unnecessary inbound access.
Log: Monitor for unexpected device crashes or unusual network traffic to cameras.

From Cybersecurity and Infrastructure Security Agency ↗

Successful exploitation of these vulnerabilities could crash the device being accessed or allow remote code execution.

The following versions of Milesight Cameras are affected:

MS-Cxx63-PD

Read the full advisory on CISA →