EZVIZ - Kolay Akıllı Ev Ürünleri

Notice Regarding Security Vulnerability in Cloud Feature Modules of Some EZVIZ Products

Notice Released By: EZVIZ Security Team

Initial Release Date: 2026-05-08

Vulnerability & Affected Versions:

Some EZVIZ products utilize older versions of cloud feature modules with legacy API interfaces, which pose a data transmission risk.

Attackers can exploit this by eavesdropping on network requests to obtain data.Users are advised to upgrade the app to the latest version

and enable the video encryption feature.

Affected Products

Affected Versions

EZVIZ APP

iOS: Versions prior to 7.3.1

Android: Versions prior to 7.3.0.0210

Vulnerability ID:

CVE-2026-32683

Scoring:

CVSS v3.1 is adopted in this vulnerability scoring.

(http://www.first.org/cvss/specification-document)

Base score: 5.3 (/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)

Fix Progress:

An updated version of the affected EZVIZ App that fixes this vulnerability has been released. Users need to upgrade the app version and

enable the video encryption feature.

Completing Device Firmware Upgrade:

Users can download the latest version from major app stores or upgrade via the in-app update module.

Source of Vulnerability Information:

The vulnerability was reported to EZVIZ Security Team by Chi-en (Ashley) Shen of the Cisco Talos team.

If you believe you have discovered a security vulnerability, please report it to EZVIZ at security@ezviz.com, or join our bounty program on

YesWeHack. Our security team will be in touch if we need more information.

EZVIZ would like to thank all security researchers and professionals who help test, identify and mitigate potential vulnerabilities in EZVIZ

products, ensuring that we continue to respectfully protect people and homes, while securing devices and data.