PatchSiren cyber security CVE debrief
CVE-2026-29116 Dahua CVE debrief
A vulnerability has been found in some Dahua products could allow an unauthenticated remote attacker to send a specially crafted packet, triggering an exception that causes the system to reboot unexpectedly, resulting in a denial of service. This vulnerability has a CVSS score of 8.7 and is classified as HIGH severity.
- Vendor
- Dahua
- Product
- IPC/SD/NVR/XVR/EVS/VTO/VTH/ASI/TPC
- CVSS
- HIGH 8.7
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-10
- Original CVE updated
- 2026-06-10
- Advisory published
- 2026-06-10
- Advisory updated
- 2026-06-10
Who should care
Administrators and users of Dahua products should be aware of this vulnerability and take necessary actions to mitigate the risk.
Technical summary
The vulnerability exists in some Dahua products and can be exploited by an unauthenticated remote attacker. The attacker can send a specially crafted packet to trigger an exception, causing the system to reboot unexpectedly and resulting in a denial of service.
Defensive priority
HIGH
Recommended defensive actions
- Apply patches or updates provided by the vendor as soon as possible.
- Restrict access to the affected systems and networks.
- Monitor system logs for suspicious activity.
Evidence notes
The CVE record and NVD detail can be found at [cve-org] and [nvd], respectively. The vendor's security advisory can be found at [ref-4].
Official resources
-
CVE-2026-29116 CVE record
CVE.org
-
CVE-2026-29116 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-29116 was published on 2026-06-10T07:16:25.143Z and modified on 2026-06-10T20:11:16.543Z.