top of page
perceptive_background_267k.jpg

Anviz CX7 Firmware is 
vulnerable because the application embeds reusable certificate/key
material, enabling decryption of MQTT traffic and potential interacti…

Published:

16 april 2026 om 22:00:00

Alert date:

17 april 2026 om 21:03:48

Source:

nvd.nist.gov

Click to open the original link from this advisory

Mobile & IoT, Critical Infrastructure

Anviz CX7 Firmware contains a critical vulnerability where the application embeds reusable certificate and key material. This security flaw allows attackers to decrypt MQTT traffic and potentially interact with device messaging channels at scale. The vulnerability poses significant risks to IoT device communications and could enable widespread compromise of affected devices. The embedded cryptographic material creates a fundamental security weakness that undermines the confidentiality of device communications.

Technical details

Mitigation steps:

Affected products:

Anviz CX7 Firmware

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-32324
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-106-03.json
https://www.anviz.com/contact-us.html
https://www.cisa.gov/news-events/ics-advisories/icsa-26-106-03

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page