This website uses cookies to give you the best possible experience. By using this site, you accept our use of cookies. Read our Cookie Policy to learn more.


Proactive system security

If you suspect a security vulnerability with a Milestone product or service, please report the problem immediately.
Milestone will reply within 48 hours.

What we can do to help

Ensuring the security and integrity of all Milestone installations will always remain a top priority to us. Use this page to learn more or to contact us if you suspect you have a cybersecurity vulnerability. We minimize customers’ exposure to risk by ensuring our software and hardware is secure by design, secure by default and secure by deployment.

If a vulnerability flaw is detected, Milestone will provide mitigations and/or software updates as soon as possible with security fixes to customers and partners free of charge – provided the product is still supported.

ONVIF potential security vulnerability

As part of Milestone’s continuous work to provide the world’s best and most secure VMS solution, we have detected a certain vulnerability in gSOAP Toolkit from Genivia, a third-party component used in facilitating ONVIF implementation for general cameras support.The vulnerability may potentially apply to all XProtect VMS systems using devices connected via ONVIF.

This vulnerability is being addressed by Milestone’s engineering team and will be permanently mitigated in its upcoming release. To mitigate vulnerability in XProtect VMS systems in production, Milestone recommends partners and customers follow Milestone hardening guide provided in the link below:

Access Milestone hardening guide here.