Skip to main content

Anviz Cx7 Firmware CVE-2026-35061

| EUVDEUVD-2026-23488 MEDIUM
Missing Authorization (CWE-862)
2026-04-17 icscert
5.3
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.3 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

4
Analysis Generated
Apr 17, 2026 - 20:07 vuln.today
EUVD ID Assigned
Apr 17, 2026 - 19:45 euvd
EUVD-2026-23488
Analysis Generated
Apr 17, 2026 - 19:45 vuln.today
CVE Published
Apr 17, 2026 - 19:19 nvd
MEDIUM 5.3

DescriptionCVE.org

Anviz CX7 Firmware is vulnerable to the most recently captured test photo that can be retrieved without authentication, revealing sensitive operational imagery.

AnalysisAI

Anviz CX7 Firmware allows unauthenticated remote retrieval of the most recently captured test photo, exposing sensitive operational imagery without requiring authentication or user interaction. Network-accessible instances are at immediate risk of information disclosure; the vulnerability affects all versions of Anviz CX7 Firmware. No public exploit code or active KEV listing identified at time of analysis, but the trivial exploitation requirements (network access, no authentication, no complexity) combined with CISA ICS advisory issuance (ICSA-26-106-03) indicate material risk in operational technology environments.

Technical ContextAI

Anviz CX7 is a biometric access control device used in physical security deployments. The vulnerability stems from missing authentication controls on an endpoint that serves photo data-specifically, the retrieval mechanism for test photos lacks authorization checks (CWE-862: Missing Authorization). The device exposes this functionality over the network (AV:N) with no additional complexity or user interaction required, suggesting the endpoint is either directly web-accessible or exposed through an unprotected API. The weakness allows any network-connected attacker to enumerate and download operational imagery captured during device testing or calibration, potentially revealing facility layouts, personnel, or other sensitive context.

RemediationAI

Apply the security patch provided by Anviz in response to CISA ICSA-26-106-03; specific patched firmware versions are listed in the advisory at https://www.cisa.gov/news-events/ics-advisories/icsa-26-106-03. Upgrade Anviz CX7 devices to the latest firmware as recommended by the vendor. As interim compensating controls, restrict network access to the device's web interface and photo retrieval endpoints using firewall rules or network segmentation; disable or restrict photo capture/test features if operationally feasible; and implement network-level authentication (e.g., VPN, reverse proxy with access control) in front of the device. Verify that the device is not accessible from untrusted networks (internet, guest networks, or adjacent subnets). Note that network segmentation is a standard OT practice and should not degrade facility operations, but disabling photo features may impact device diagnostics and calibration-coordinate with facility management and Anviz support before implementing feature-level restrictions.

Share

CVE-2026-35061 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy