CVE-2026-29115

Summary

A vulnerability has been found in some Dahua products could allow an authenticated remote attacker to send a specially crafted packet, triggering an exception that causes the system to reboot unexpectedly, resulting in a denial of service.

Affected Software

VendorProductVersion RangeStatus
DahuaIPC/SDAffected products are limited to certain models of IPC and SD devices with a build time before March 26, 2026.affected

Weaknesses

  • CWE-617: CWE-617 Reachable assertion

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References