top of page
perceptive_background_267k.jpg

An out-of-bounds memory access vulnerability exists in specific firmware versions of Milesight AIOT cameras.

Published:

27 April 2026 at 22:00:00

Alert date:

28 April 2026 at 02:02:55

Source:

nvd.nist.gov

Click to open the original link from this advisory

Mobile & IoT, Critical Infrastructure

An out-of-bounds memory access vulnerability has been identified in specific firmware versions of Milesight AIOT cameras. This vulnerability is tracked as CVE-2026-20766 and affects industrial IoT camera systems. The issue involves improper memory handling that could potentially allow attackers to access memory outside the intended boundaries. CISA has issued an advisory (ICSA-26-113-03) regarding this vulnerability. Milesight has made firmware updates available to address this security flaw. The vulnerability impacts the security of IoT camera infrastructure and could pose risks to surveillance systems.

Technical details

Mitigation steps:

Affected products:

Milesight AIOT cameras

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-20766
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-113-03.json
https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03
https://www.milesight.com/support/download/firmware

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page