VYPR

XProtect VMS

by Milestone Systems

CVEs (2)

  • CVE-2025-0836MedDec 16, 2025
    risk 0.41cvss 6.3epss 0.00

    Missing Authorization vulnerability in Milestone Systems XProtect VMS allows users with read-only access to Management Server to have full read/write access to MIP Webhooks API.

  • CVE-2025-1688MedApr 15, 2025
    risk 0.36cvss 5.5epss 0.00

    Milestone Systems has discovered a security vulnerability in Milestone XProtect installer that resets system configuration password after the upgrading from older versions using specific installers. The system configuration password is an additional, optional protection that…