CVE-2026-1241
8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Summary
The Pelco, Inc. Sarix Professional 3 Series Cameras are vulnerable to an authentication bypass issue in their web management interface. The flaw stems from inadequate enforcement of access controls, allowing certain functionality to be accessed without proper authentication. This weakness can lead to unauthorized viewing of live video streams, creating privacy concerns and operational risks for organizations relying on these cameras. Additionally, it may expose operators to regulatory and compliance challenges.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Pelco, Inc. | Sarix Professional IMP 3 Series | 0 <= 02.52 | affected |
| Pelco, Inc. | Sarix Professional IXP 3 Series | 0 <= 02.52 | affected |
| Pelco, Inc. | Sarix Professional IBP 3 Series | 0 <= 02.52 | affected |
| Pelco, Inc. | Sarix Professional IWP 3 Series | 0 <= 02.52 | affected |
Weaknesses
- CWE-288: CWE-288 Authentication Bypass Using an Alternate Path or Channel
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.