Critical (9.8)

SD-330AC and AMC Manager unauthenticated RCE (CVE-2026-32956)

CVE-2026-32956

CVE-2026-32956 critical heap buffer overflow in Silex SD-330AC and AMC Manager allows unauthenticated remote code execution. Patch to latest firmware/software now.

Affected: silex technology SD-330AC firmware, SD-330AC device, AMC Manager

Patch now - CVE-2026-32956 is a critical unauthenticated remote code execution in Silex SD-330AC devices and AMC Manager software that grants attackers full device compromise via a crafted redirect URL. Update to the latest patched version immediately.

Overview

A critical vulnerability, tracked as CVE-2026-32956, has been identified in the SD-330AC device and AMC Manager software from silex technology, Inc. This flaw is a heap-based buffer overflow that occurs when the software processes redirect URLs. With a maximum CVSS score of 9.8, it represents a severe risk to affected systems.

Vulnerability Details

The vulnerability exists within the component that handles HTTP redirects. By sending a specially crafted, overly long URL to a vulnerable device, an attacker can trigger a buffer overflow in the device’s memory (heap). This corruption can be leveraged to take control of the application’s execution flow. The attack requires no authentication (Privileges Required: NONE) and no user interaction, making it remotely exploitable over a network.

Impact

If successfully exploited, this vulnerability allows an unauthenticated remote attacker to execute arbitrary code on the affected device. This could lead to a complete compromise of the device, enabling data theft, installation of persistent malware, or use of the device as a foothold for further attacks within a network. Given the high severity and ease of exploitation, this vulnerability is a significant threat.

Affected Products

  • Silex SD-330AC (all versions prior to patched firmware)
  • Silex AMC Manager (all versions prior to patched software)

Remediation and Mitigation

The primary and most effective action is to apply the official patch provided by silex technology, Inc.

Patch Immediately: All users of SD-330AC devices and AMC Manager software must upgrade to the latest firmware or software version released by Silex. Consult the official Silex security advisory for specific version numbers and download links.

Interim Mitigation: If patching cannot be performed immediately, network-level controls are critical. Restrict network access to the management interfaces of these devices to only trusted, necessary IP addresses using firewall rules. Monitor network traffic for anomalous requests to these devices. As this is a memory corruption flaw, there are no known configuration changes within the software itself to mitigate the risk.

Verification: After applying updates, verify the new version is running and conduct appropriate testing to ensure system functionality.
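The interim mitigation above amounts to two controls: only allow-listed sources may reach the device management interfaces, and requests to those interfaces should be watched for anomalies, here the overly long URLs the advisory describes. The following is an added example, not code from the advisory or from silex technology, Inc., that screens access-log lines for both conditions. The log format, the device addresses (192.0.2.10, 192.0.2.11), the allowed network (10.0.5.0/24), the 512-byte URL threshold and the `/redirect?url=` path in the sample are all constructed for illustration and are not taken from the advisory; tune the threshold to the longest legitimate request your deployment produces.

```python
"""
Screen web-server / proxy access-log lines aimed at device management
interfaces for (a) clients outside the firewall allow-list and
(b) abnormally long request URLs.  Added example; all addresses,
thresholds and log lines below are constructed, not vendor data.
"""
import ipaddress
import re
from dataclasses import dataclass

# Management-interface addresses of the devices being protected (assumed).
DEVICE_HOSTS = {"192.0.2.10", "192.0.2.11"}
# Networks that the firewall rule should permit to reach them (assumed).
ALLOWED_SOURCES = [ipaddress.ip_network("10.0.5.0/24")]
# URL length above which a request is flagged (assumed; tune per deployment).
MAX_URL_LEN = 512

# Constructed log format: <client> <dest> [<time>] "<METHOD> <URL> HTTP/x.y" <status>
LOG_RE = re.compile(
    r'^(?P<client>\S+) (?P<dest>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<url>\S+) HTTP/\d\.\d" (?P<status>\d{3})$'
)


@dataclass(frozen=True)
class Finding:
    time: str
    client: str
    dest: str
    reason: str
    url_len: int


def source_allowed(client: str) -> bool:
    """True if the client address falls inside an allow-listed network."""
    try:
        addr = ipaddress.ip_address(client)
    except ValueError:
        return False  # unparsable address is never trusted
    return any(addr in net for net in ALLOWED_SOURCES)


def screen_line(line: str) -> list[Finding]:
    """Return the findings for one log line (empty if clean or not a device request)."""
    m = LOG_RE.match(line)
    if not m:
        return []  # malformed line: ignore rather than crash the sweep
    dest = m["dest"]
    if dest not in DEVICE_HOSTS:
        return []  # traffic to other servers is out of scope here
    url_len = len(m["url"])
    findings = []
    if not source_allowed(m["client"]):
        findings.append(Finding(m["time"], m["client"], dest, "source not in allow-list", url_len))
    if url_len > MAX_URL_LEN:
        findings.append(Finding(m["time"], m["client"], dest, "oversized URL", url_len))
    return findings


def screen_log(lines) -> list[Finding]:
    """Screen every line and collect the findings in log order."""
    out: list[Finding] = []
    for line in lines:
        out.extend(screen_line(line))
    return out


# Constructed sample log: one clean request, one oversized URL from a trusted
# host, one request from an untrusted source, one oversized URL to an
# unrelated server, and one malformed line.
SAMPLE_LOG = [
    '10.0.5.20 192.0.2.10 [01/Jan/2026:00:00:00 +0000] "GET /status HTTP/1.1" 200',
    '10.0.5.20 192.0.2.10 [01/Jan/2026:00:00:01 +0000] "GET /redirect?url=http://'
    + "a" * 600 + ' HTTP/1.1" 400',
    '198.51.100.7 192.0.2.11 [01/Jan/2026:00:00:02 +0000] "GET /status HTTP/1.1" 401',
    '198.51.100.7 203.0.113.5 [01/Jan/2026:00:00:03 +0000] "GET /' + "b" * 600 + ' HTTP/1.1" 404',
    "malformed entry",
]

if __name__ == "__main__":
    for f in screen_log(SAMPLE_LOG):
        print(f"{f.time} {f.client} -> {f.dest}: {f.reason} (url_len={f.url_len})")
```

Run on the constructed sample, the sweep reports the oversized URL from the trusted host and the request from the non-allow-listed client, and says nothing about the long URL sent to the unrelated server. Feed it real proxy or syslog lines after adapting `LOG_RE` to that format; the allow-list check doubles as a way to confirm the firewall rule is actually in effect, since a hit there means traffic the rule should have dropped still reached the device.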

Security Insight

This vulnerability highlights the persistent risk of memory corruption flaws in network-facing device management interfaces, a common attack surface for embedded systems. Similar buffer overflows in device management platforms have historically been leveraged to build botnets. It underscores the necessity for vendors to implement rigorous secure coding practices, including bounds checking and fuzz testing, for all input-handling routines, especially in critical components like URL parsers. For more on how such vulnerabilities can lead to incidents, see our breach reports.
