Legacy API Interface Vulnerability in EZVIZ Products
CVE-2026-32683

5.3MEDIUM

Key Information:

Vendor: Ezviz
Status: Ezviz App
Vendor: CVE Published:; 9 May 2026

What is CVE-2026-32683?

Certain EZVIZ products leverage outdated cloud feature modules that employ legacy API interfaces, creating significant risks for data transmission. Attackers may exploit this vulnerability by eavesdropping on sensitive network requests to hijack user data. To mitigate this risk, users are strongly encouraged to upgrade their applications to the latest versions and activate the video encryption feature to enhance security.

Affected Version(s)

EZVIZ APP iOS: Versions prior to 7.3.1

EZVIZ APP Android: Versions prior to 7.3.0.0210

References

https://www.ezviz.com/inter/trust-center/security/securit...

https://www.hikvision.com/en/support/cybersecurity/securi...

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 9, 2026
Vulnerability Reserved
Mar 13, 2026

Credit

Cisco Talos

CVE-2026-32683 Data

JSON

Ezviz

What is CVE-2026-32683?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit