REPORT A VULNERABILITY

Please fill in all fields.

REPORT INFORMATION

Symbol count 0/3000
Have you made any reports about this vulnerability to other parties?

Do you wish for it to be publicly acknowledged?

Security Vulnerability Management

Protecting our customers from threats to their security is always an important task for Milesight. As a key player in global IoT and networking market, we will do our utmost to provide our users with secure products and
services, and to strictly protect the privacy and security of their data.

vulnerability background
  • Security Declaration
    Our top concern is offering secure products and services. So, we make it a point to focus on security at every level of the design, development, and testing of our products and services. The Milesight technical team is responsible for responding to the Milesight product security threats. Being dedicated to the best user experiences and customer rights, the professional team manages the receipt, investigation and reporting of any security vulnerability.
  • Vulnerability Definition
    Milesight defines a security vulnerability as a weakness in the computational logic found in software and hardware components that, when exploited, results in a negative impact to confidentiality, integrity, or availability. Milesight reserves the right to deviate from this definition based on specific circumstances.

Vulnerabilities Response Process

Vulnerability
Response Process
Discover or Reported
Got Notification
Verification
Vulnerability
Confirmed
Vulnerability Not
Confirmed
Active
Management
Vulnerability
Fixed
Mission
Complete
1 Milesight encourages customers, vendors, independent researchers, security organizations, etc. to proactively report any potential vulnerabilities to the technical team. At the same time, Milesight will proactively obtain information about vulnerabilities in Milesight products from the community, vulnerability repositories and various security websites. In order to be aware of vulnerabilities as soon as they are discovered.
2 Milesight will respond to vulnerability reports as soon as possible, usually within five business days.
3 Milesight Technical Team will work with the product team to perform a preliminary analysis and validation of the report to determine the validity, severity and impact of the vulnerability. We may contact you if we need more information about the reported vulnerability.
4 Once the vulnerability has been identified, we will develop and implement a remediation plan to provide a solution for all affected customers.
Report A Vulnerability
Note:
1. All parties to a vulnerability disclosure should comply with the laws of their country or region.
2. Vulnerability reports should be based on the latest released firmware, and preferably written in English.Milesight will respond to vulnerability reports as soon as possible, usually within five business days.

Vulnerability Advisory

Advisory ID
CVEs
Related Product
Fixed Version
Updated On
3x.3.0.8-r1
CVE-2023-47166 https://talosintelligence.com/vulnerability_reports/TALOS-2023-1852
UR32L, UR32. UR35
3x.3.0.8-r1
2024-7-12
2.0.3
Multiple vulnerabilities were remediated: CVE-2023-22371, CVE-2023-23907, CVE-2023-22844, CVE-2023-22319 Find More information on: https://blog.talosintelligence.com/talos-discovers-17-vulnerabilities-in-milesight/
MilesightVPN
2.0.3
2023-09-22
34.3.0.4-r2
3x.3.0.7-r2
41.0.0.3
Multiple vulnerabilities were remediated: CVE-2023-23550, CVE-2023-23547, CVE-2023-23571, CVE-2023-23902, CVE-2023-22306, CVE-2023-22659, CVE-2023-23546, CVE-2023-24519, CVE-2023-24520, CVE-2023-24583, CVE-2023-24582, CVE-2023-22365, CVE-2023-22299, CVE-2023-24595, CVE-2023-22653, CVE-2023-24018, CVE-24019, CVE-2023-25582, CVE-2023-25583, CVE-2023-25091, CVE-2023-25107, CVE-2023-25113, CVE-2023-25120, CVE-2023-25122, CVE-2023-25082, CVE-2023-25095, CVE-2023-25117, CVE-2023-25121, CVE-2023-25115, CVE-2023-25118, CVE-2023-25124, CVE-2023-25101, CVE-2023-25123, CVE-2023-25102, CVE-2023-25084, CVE-2023-25093, CVE-2023-25097, CVE-2023-25103, CVE-2023-25096, CVE-2023-25090, CVE-2023-25085, CVE-2023-25106, CVE-2023-25104, CVE-2023-25086, CVE-2023-25088, CVE-2023-25105, CVE-2023-25112, CVE-2023-25089, CVE-2023-25098, CVE-2023-25081, CVE-2023-25094, CVE-2023-25100, CVE-2023-25110, CVE-2023-25109, CVE-2023-25099, CVE-2023-25119, CVE-2023-25083, CVE-2023-25087, CVE-2023-25116, CVE-2023-25092, CVE-2023-25108, CVE-2023-25111, CVE-2023-25114 Find More information on: https://blog.talosintelligence.com/talos-discovers-17-vulnerabilities-in-milesight/
UR32S
UR32L, UR32, UR35
UR41
34.3.0.4-r2
3x.3.0.7-r2
41.0.0.3
2023-11-21
2023-08-28
2023-08-28

Report Vulnerabilities to Milesight

We strongly encourage organizations and individuals to contact Milesight technical team to report any potential security issue.

  • Iot.support@milesight.com
  • Milesight will endeavor to respond to the report within five working days.
Note:
To accurately and fast verification process and address vulnerabilities, Milesight will need detailed reported information
Report A Vulnerability

*Your Email

*Country

*Your Phone

*Company

*Your Website

*Business Type

*What Product are You Interested in?

*Message

*Verification Code

Verify Code

If you are interested in Milesight, please leave us a message.

Verify Code

Contact Us

Contact Us

Verify Code

Contact Us to Get More Information