Skip to main content

GeoVision GV-VMS CVE-2026-12488

| EUVDEUVD-2026-38645 MEDIUM
Stack-based Buffer Overflow (CWE-121)
2026-06-24 GV GHSA-7j74-f2vx-3rfg
6.2
CVSS 3.1 · Vendor: GV
Share

Severity by source

Vendor (GV) PRIMARY
6.2 MEDIUM
AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:N/A:H
vuln.today AI
6.1 MEDIUM

Server impersonation requires MitM network positioning (AC:H) but no privileges on the target (PR:N); impact is confirmed DoS only, with no confidentiality or integrity effect described.

3.1 AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:H
4.0 AV:N/AC:H/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (GV).

CVSS VectorVendor: GV

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:N/A:H
Attack Vector
Network
Attack Complexity
High
Privileges Required
High
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
None
Availability
High

Lifecycle Timeline

1
Analysis Generated
Jun 24, 2026 - 05:34 vuln.today

DescriptionCVE.org

A memory corruption vulnerability exists in the GV-Cloud functionality of GeoVision GV-VMS V20 20.0.2.

A specially crafted network request can lead to a denial of service. An attacker can impersonate the legitimate server to trigger this vulnerability.

AnalysisAI

Stack-based buffer overflow (CWE-121) in the GV-Cloud component of GeoVision GV-VMS V20 20.0.2 enables a remote attacker with a network-intercept position to crash the video management system, causing high-impact denial of service against physical security infrastructure. Exploitation requires impersonating the legitimate GV-Cloud server - achieved via MitM techniques - and delivering a specially crafted network payload that corrupts stack memory in the GV-Cloud client handler. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Recon
Gain MitM position on VMS network path
Delivery
Intercept outbound GV-VMS-to-GV-Cloud connection
Exploit
Craft oversized malicious server response payload
Install
Deliver payload to GV-Cloud client handler
C2
Trigger stack-based buffer overflow (CWE-121)
Execute
Crash GV-VMS process
Impact
Loss of camera feeds and recording

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to occupy a network-intercept position capable of impersonating the GeoVision GV-Cloud server - specifically achievable through ARP spoofing on the same LAN segment as the GV-VMS host, DNS cache poisoning targeting the cloud server hostname, BGP-level route injection, or deployment of a rogue access point. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The vendor-assigned CVSS 3.1 score of 6.2 (Medium) reflects genuinely constrained attack conditions: AV:N confirms the attack is network-reachable, but AC:H (attacker must successfully impersonate the cloud server) materially limits the realistic attacker pool to those capable of DNS poisoning, ARP spoofing, rogue-AP deployment, or network-path hijacking. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker positioned on the network path between a GV-VMS host and the GeoVision cloud endpoint - via ARP poisoning on a shared LAN segment, DNS hijacking, or rogue Wi-Fi access point - intercepts an outbound cloud connection initiated by the VMS software. The attacker responds with a specially crafted network payload that exceeds the stack buffer allocated for server response handling, corrupting the call stack and crashing the GV-VMS process. …
Remediation Consult the GeoVision security advisory at https://www.geovision.com.tw/cyber_security.php for the specific patched GV-VMS release - no exact fixed version number is independently confirmed in the available intelligence, so the advisory page must be checked directly. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-12488 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy