Skip to main content
Live Webinar with SANS (June 25)— Agentic CTI Automation for Fun & ProfitRegister Free
Mallory
Back to vulnerabilities
High

Information disclosure via risky cryptographic algorithm in Silex SD-330AC and AMC Manager

IdentifiersCVE-2026-32959CWE-327· Use of a Broken or Risky…

CVE-2026-32959 affects Silex Technology SD-330AC and AMC Manager and is classified as CWE-327 (Use of a Broken or Risky Cryptographic Algorithm). The products use a cryptographic algorithm considered broken or otherwise risky, which weakens protection of traffic handled by the devices/software. According to the vendor and advisory summaries, this weakness allows information contained in network traffic to be retrieved by an attacker performing a man-in-the-middle attack. The available information does not identify the specific algorithm or implementation detail.

Share:
For your environment

Are you exposed to this one?

Mallory correlates every CVE against your assets, your vendors, and active adversary campaigns. Know which vulnerabilities matter for you, not just which ones are loud.

Start free trial
ANALYST BRIEF

Impact, mitigation & remediation

What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.

Impact

What an attacker gets, and what they’ve been doing with it.

Successful exploitation enables confidentiality compromise of traffic associated with the affected products. An attacker positioned to intercept communications can recover sensitive information from the traffic. Available information indicates high confidentiality impact, with no stated integrity or availability impact.

Mitigation

If you can’t patch tonight, do this now.

If immediate patching is not possible, reduce exposure to man-in-the-middle conditions by restricting network access to trusted segments, avoiding untrusted/intermediate networks, and using network segmentation. The provided content does not list a CVE-2026-32959-specific workaround beyond applying the vendor updates.

Remediation

Patch, then assume compromise.

Update affected products to fixed versions identified by the vendor: SD-330AC firmware version 1.50 or later and AMC Manager version 5.1.0 or later.
PUBLIC EXPLOITS

Exploits

No public exploits tracked yet. Mallory keeps watching.

VALID 0 / 0 TOTALView more in app

No public exploit code observed for this vulnerability.

EXPOSURE SURFACE

Affected products & vendors

Products and vendors Mallory has correlated with this vulnerability. Open in Mallory to drill down to specific CPE configurations and version ranges.

VendorProductType
Silex TechnologyAmc Managerapplication
Silex TechnologySd-330achardware
SilextechnologyAmc Managerapplication
SilextechnologySd-330ac Firmwareoperating_system

Vendor-confirmed product mapping. Mallory continuously reconciles this list against your asset inventory.

ACTIVITY FEED

Recent activity

5 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.

5 SOURCESView more in app
the hacker newsNews
Apr 21, 2026
22 BRIDGE:BREAK Flaws Expose Thousands of Lantronix and Silex Serial-to-IP Converters

An information disclosure vulnerability affecting the discussed serial-to-IP converter products.

Read more
cvefeed high severityNews
Apr 20, 2026
CVE-2026-32959 - Silex Technology, Inc. SD-330AC and AMC Manager Weak Cryptography Vulnerability

A vulnerability in SD-330AC and AMC Manager from silex technology, Inc. involving use of a broken or risky cryptographic algorithm, which could allow information in traffic to be retrieved via a man-in-the-middle attack.

Read more
jvn japanNews
Apr 20, 2026
JVNVU#94271449: Multiple vulnerabilities in silex technology SD-330AC and AMC Manager

A vulnerability caused by use of a broken or risky cryptographic algorithm affecting silex technology SD-330AC and AMC Manager.

Read more
What this page doesn’t show

The version that knows your environment.

This page is what’s public. Mallory adds the parts that aren’t: which of your assets are affected, which adversaries are exploiting it right now, which detections to deploy, and what to do tonight.
Start free trial
Exposure mapping

Query your assets running an affected version, and investigate the blast radius.

Threat actor evidence

Every observed campaign linking this CVE to a named adversary.

Associated malware

Malware families riding this exploit, with evidence and IOCs.

Detection signatures

YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.

Vendor-by-vendor mapping

Cross-references every affected SKU, including bundled OEM variants.

Social activity1

Community discussion across Reddit, Mastodon, and other social sources.

EXTERNAL REFERENCES
MITRE CVE
cve.org · CVE-2026-32959
NVD
nvd.nist.gov/vuln/detail/CVE-2026-32959
MITRE CWE · CWE-327
Use of a Broken or Risky Cryptographic Algorithm
Vendor Advisory
silex.jp/support/security-advisories/2026-001
Vendor Advisory
silex.jp/support/security-advisories/en/2026-001
Third Party Advisory
jvn.jp/en/vu/JVNVU94271449