CVE-2026-40624NVD

Vulnerability Summary

Improper input validation in AVer PTC500S, PTC115, PTC500+, and PTC115+
cameras may allow a remote, unauthenticated attacker to achieve
arbitrary code execution via a specially crafted web request.

Severity Level

CRITICAL(9.8)

Published Date

Jun 18, 2026

Last Modified

Jun 18, 2026

Exploitation Status

No confirmed exploitation yet

EPSS Score (30-Day)

Data Pending

Root Weakness (CWE)

N/A

CVSS v3.1 Base Metrics

Attack VectorNetwork

Attack ComplexityLow

Privileges RequiredNone

User InteractionNone

ScopeUnchanged

ConfidentialityHigh

IntegrityHigh

AvailabilityHigh

External References

https://www.cisa.gov/news-events/ics-advisories/icsa-26-169-01
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-169-01.json

Critical Alert 1 Active Exploit Detected Today

CVE Watchtower

CVE-2026-40624NVD

Vulnerability Summary

External References