CVE-2026-29114 - Vulnerability Details - OpenCVE

A vulnerability has been found in some Dahua products. An attacker may obtain the device’s CA root certificate. If that CA is installed and trusted on client systems, the attacker could issue fraudulent certificates trusted by those clients and undermine the certificate trust chain.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements Present

User Interaction Passive

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Dahua	Ipc

No data.

No data.

References

Link	Providers
https://www.dahuasecurity.com/about-dahua/trust-center/dahua-psirt/dhcc-sa-202606-001:-security-advisory-%E2%80%93-vulnerabilities-found-in-some-dahua-products

History

Wed, 10 Jun 2026 08:15:00 +0000

Type	Values Removed	Values Added
Title		Public Disclosure of Dahua IPC CA Root Certificate Enables Fake Trusted Certificates

Wed, 10 Jun 2026 07:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Dahua Dahua ipc
Vendors & Products		Dahua Dahua ipc

Wed, 10 Jun 2026 06:45:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability has been found in some Dahua products. An attacker may obtain the device’s CA root certificate. If that CA is installed and trusted on client systems, the attacker could issue fraudulent certificates trusted by those clients and undermine the certificate trust chain.
Weaknesses		CWE-538
References		https://www.dahuasecurity.com/about-dahua/trust-center/dahua-psirt/dhcc-sa-202606-001:-security-advisory-%E2%80%93-vulnerabilities-found-in-some-dahua-products
Metrics		cvssV4_0 `{'score': 2.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N'}`

MITRE

Status: PUBLISHED

Assigner: dahua

Published: 2026-06-10T05:44:50.397Z

Updated: 2026-06-10T05:44:50.397Z

Reserved: 2026-03-04T03:32:28.880Z

Link: CVE-2026-29114

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-06-10T07:16:24.890

Modified: 2026-06-10T07:16:24.890

Link: CVE-2026-29114

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-29114", "assignerOrgId": "79ee569e-7d1e-4364-98f0-3a18e2a739ad", "state": "PUBLISHED", "assignerShortName": "dahua", "dateReserved": "2026-03-04T03:32:28.880Z", "datePublished": "2026-06-10T05:44:50.397Z", "dateUpdated": "2026-06-10T05:44:50.397Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "79ee569e-7d1e-4364-98f0-3a18e2a739ad", "shortName": "dahua", "dateUpdated": "2026-06-10T05:44:50.397Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-538", "description": "CWE-538 Insertion of sensitive information into Externally-Accessible file or directory", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-37", "descriptions": [{"lang": "en", "value": "CAPEC-37 Retrieve Embedded Sensitive Data"}]}], "affected": [{"vendor": "Dahua", "product": "IPC", "versions": [{"status": "affected", "version": "Some IPC models are affected, specifically those with a build date before April 15, 2026.", "versionType": "date"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "A vulnerability has been found in some Dahua products. An attacker\nmay obtain the device\u2019s CA root certificate. If that CA is installed and\ntrusted on client systems, the attacker could issue fraudulent certificates\ntrusted by those clients and undermine the certificate trust chain.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>A vulnerability has been found in some Dahua products. An attacker\nmay obtain the device\u2019s CA root certificate. If that CA is installed and\ntrusted on client systems, the attacker could issue fraudulent certificates\ntrusted by those clients and undermine the certificate trust chain.</p>"}]}], "references": [{"url": "https://www.dahuasecurity.com/about-dahua/trust-center/dahua-psirt/dhcc-sa-202606-001:-security-advisory-%E2%80%93-vulnerabilities-found-in-some-dahua-products"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "LOW", "baseScore": 2.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.2"}}}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability has been found in some Dahua products. An attacker\nmay obtain the device\u2019s CA root certificate. If that CA is installed and\ntrusted on client systems, the attacker could issue fraudulent certificates\ntrusted by those clients and undermine the certificate trust chain."}], "id": "CVE-2026-29114", "lastModified": "2026-06-10T07:16:24.890", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 2.3, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cybersecurity@dahuatech.com", "type": "Secondary"}]}, "published": "2026-06-10T07:16:24.890", "references": [{"source": "cybersecurity@dahuatech.com", "url": "https://www.dahuasecurity.com/about-dahua/trust-center/dahua-psirt/dhcc-sa-202606-001:-security-advisory-%E2%80%93-vulnerabilities-found-in-some-dahua-products"}], "sourceIdentifier": "cybersecurity@dahuatech.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-538"}], "source": "cybersecurity@dahuatech.com", "type": "Secondary"}]}