CVE-2026-32959
Weak Cryptography in Silex SD-330AC and AMC Manager Enables MITM
Publication date: 2026-04-20
Last updated on: 2026-04-22
Assigner: JPCERT/CC
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| silextechnology | sd-330ac_firmware | to 1.50 (exc) |
| silextechnology | amc_manager | to 5.1.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-327 | The product uses a broken or risky cryptographic algorithm or protocol. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the SD-330AC and AMC Manager products by silex technology, Inc. It involves the use of a broken or risky cryptographic algorithm. Because of this weakness, information transmitted over the network can be intercepted and retrieved by an attacker performing a man-in-the-middle attack.
How can this vulnerability impact me? :
The vulnerability can lead to sensitive information being exposed to unauthorized parties through man-in-the-middle attacks. This means that confidential data transmitted by the affected products could be intercepted and accessed by attackers, potentially compromising privacy and security.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability involves the use of a broken or risky cryptographic algorithm in SD-330AC and AMC Manager by silex technology, Inc., which allows information in the traffic to be retrieved via a man-in-the-middle attack.
Such a vulnerability could potentially impact compliance with standards and regulations like GDPR and HIPAA, which require protection of sensitive data in transit. The exposure of information through interception may violate requirements for data confidentiality and security controls mandated by these regulations.