CVE-2026-1241

Summary

The Pelco, Inc. Sarix Professional 3 Series Cameras are vulnerable to an authentication bypass issue in their web management interface. The flaw stems from inadequate enforcement of access controls, allowing certain functionality to be accessed without proper authentication. This weakness can lead to unauthorized viewing of live video streams, creating privacy concerns and operational risks for organizations relying on these cameras. Additionally, it may expose operators to regulatory and compliance challenges.

Affected Software

VendorProductVersion RangeStatus
Pelco, Inc.Sarix Professional IMP 3 Series0 <= 02.52affected
Pelco, Inc.Sarix Professional IXP 3 Series0 <= 02.52affected
Pelco, Inc.Sarix Professional IBP 3 Series0 <= 02.52affected
Pelco, Inc.Sarix Professional IWP 3 Series0 <= 02.52affected

Weaknesses

  • CWE-288: CWE-288 Authentication Bypass Using an Alternate Path or Channel

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References