Skip to main content

Dahua

Vendor security scorecard – 3 CVEs in the selected period

Period: 30d 90d 6m 1y All
Risk 4
3
CVEs
0
Critical
1
High
0
KEV
0
PoC
1
Unpatched C/H
0.0%
Patch Rate
0.1%
Avg EPSS

Severity Breakdown

CRITICAL
0
HIGH
1
MEDIUM
1
LOW
1

Monthly CVE Trend

Top Risky CVEs

CVE Summary Severity CVSS EPSS Priority Signals
CVE-2026-29116 Remote denial-of-service in multiple Dahua video surveillance product lines (IPC, SD, NVR, XVR, EVS, VTO, VTH, ASI, TPC) allows unauthenticated network attackers to send a specially crafted packet that triggers an unhandled exception (CWE-617), forcing the device into an unexpected reboot. The CVSS 4.0 score of 8.7 reflects high availability impact with no required privileges or user interaction, and no public exploit identified at time of analysis. HIGH 8.7 0.1% 44
No patch
CVE-2026-29115 Denial of service in Dahua IPC and SD (Speed Dome) camera devices allows an authenticated remote attacker to trigger an unexpected system reboot by sending a specially crafted network packet. The vulnerability is vendor-reported under advisory DHCC-SA-202606-001 and affects specific IPC and SD models with firmware built before March 26, 2026. No public exploit code has been identified at time of analysis, and the attack requires high-privilege authentication (PR:H), materially limiting the realistic attacker population. MEDIUM 6.9 0.1% 35
No patch
CVE-2026-29114 CA root certificate exposure in Dahua IPC devices allows unauthenticated network-based attackers, under specific prerequisite conditions, to retrieve the device's internal CA root certificate. If the obtained certificate is installed and trusted on client systems, the attacker could leverage it to issue fraudulent certificates recognized as valid by those clients, collapsing the integrity of affected certificate trust chains. No active exploitation has been confirmed (not in CISA KEV), no public exploit code has been identified, and the CVSS 4.0 score of 2.3 reflects the multi-step, user-dependent nature of the full attack chain. LOW 2.3 0.0% 12
No patch

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy