Geovision
Monthly
Stack-based buffer overflow (CWE-121) in the GV-Cloud component of GeoVision GV-VMS V20 20.0.2 enables a remote attacker with a network-intercept position to crash the video management system, causing high-impact denial of service against physical security infrastructure. Exploitation requires impersonating the legitimate GV-Cloud server - achieved via MitM techniques - and delivering a specially crafted network payload that corrupts stack memory in the GV-Cloud client handler. Reported by Cisco Talos (TALOS-2026-2411); no public exploit has been identified at time of analysis and no CISA KEV listing exists.
Stack-based buffer overflow (CWE-121) in the GV-Cloud component of GeoVision GV-VMS V20 20.0.2 enables a remote attacker with a network-intercept position to crash the video management system, causing high-impact denial of service against physical security infrastructure. Exploitation requires impersonating the legitimate GV-Cloud server - achieved via MitM techniques - and delivering a specially crafted network payload that corrupts stack memory in the GV-Cloud client handler. Reported by Cisco Talos (TALOS-2026-2411); no public exploit has been identified at time of analysis and no CISA KEV listing exists.