Description
SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vulnerability in packet data processing of sx_smpd. Processing a crafted packet may cause a temporary denial-of-service (DoS) condition.
Published: 2026-04-20
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Apply Vendor Update
AI Analysis

Impact

A heap‑based buffer overflow exists in the packet data processing routine of sx_smpd, which is used by the Silex Technology, Inc. products AMC Manager and SD‑330AC. An attacker who can send a specially crafted packet can trigger the overflow, resulting in a temporary denial‑of‑service condition. The weakness is a classic buffer overflow (CWE‑122) where insufficient bounds checking allows a user’s input to corrupt memory on the heap.

Affected Systems

The vulnerability affects Silex Technology, Inc. products: AMC Manager and SD‑330AC. Version information is not specified in the advisory, so all installations of these products are potentially at risk until a vendor patch is applied. The advisory references the Japanese security site JVN and the vendor’s own security advisory pages for more detail.

Risk and Exploitability

The CVSS score of 6.9 indicates a high impact, though the likelihood of exploitation is unclear as EPSS data is not available. The issue is not listed in the CISA KEV catalog, suggesting no known widespread exploitation yet. The attack vector is inferred to be remote or local packet injection to sx_smpd, as the flaw is triggered by malformed packet data. Mitigation requires vendor remediation and potential network filtering to reduce exposure.

Generated by OpenCVE AI on April 20, 2026 at 05:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade AMC Manager and SD‑330AC to a patched version released by Silex Technology, Inc.
  • If a patch is not yet available, block or filter traffic to the sx_smpd service to prevent malicious packets from reaching the vulnerable component.
  • Continuously monitor the affected systems for repeated crashes or failed service restarts indicative of DoS attempts.

Generated by OpenCVE AI on April 20, 2026 at 05:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 20 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
First Time appeared Silextechnology
Silextechnology amc Manager
Silextechnology sd-330ac
Vendors & Products Silextechnology
Silextechnology amc Manager
Silextechnology sd-330ac
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 20 Apr 2026 05:45:00 +0000

Type Values Removed Values Added
Title Heap‑Based Buffer Overflow in Silex AMC Manager and SD‑330AC Causing Temporary Denial of Service

Mon, 20 Apr 2026 04:00:00 +0000

Type Values Removed Values Added
Description SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vulnerability in packet data processing of sx_smpd. Processing a crafted packet may cause a temporary denial-of-service (DoS) condition.
Weaknesses CWE-122
References
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N'}

Subscriptions

Silextechnology Amc Manager Sd-330ac
cve-icon MITRE

Status: PUBLISHED

Assigner: jpcert

Published:

Updated: 2026-04-20T13:57:57.283Z

Reserved: 2026-03-17T00:23:24.981Z

Link: CVE-2026-32961

cve-icon Vulnrichment

Updated: 2026-04-20T13:57:53.925Z

cve-icon NVD

Status : Received

Published: 2026-04-20T04:16:44.433

Modified: 2026-04-20T04:16:44.433

Link: CVE-2026-32961

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-20T14:58:19Z

Weaknesses