Browse all 4 CVE security advisories affecting Milestone Systems. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Milestone Systems develops video management software (VMS) for IP surveillance systems, enabling centralized security camera monitoring and management. Historically, their products have faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation and authentication flaws. While no major public security incidents have been widely documented, the presence of four CVEs indicates ongoing security challenges. The company's VMS platforms, which integrate with various third-party devices, require regular patching to mitigate risks associated with network-exposed surveillance infrastructure.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-0836 | XProtect MIP API Missing Authorization — XProtect VMSCWE-862 | 6.3 | Medium | 2025-12-16 |
| CVE-2025-1688 | System configuration password reset — XProtect VMSCWE-1394 | 5.5 | Medium | 2025-04-15 |
| CVE-2024-12569 | Sensitive Information in Driver’s Log File — XProtect VMSCWE-532 | 7.8 | High | 2024-12-19 |
| CVE-2024-3506 | Camera Driver possible Buffer Overflow — XProtect VMSCWE-120 | 6.7 | Medium | 2024-10-08 |
This page lists every published CVE security advisory associated with Milestone Systems. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.