CVE-2026-12488

Summary

A memory corruption vulnerability exists in the GV-Cloud functionality of GeoVision GV-VMS V20 20.0.2. 

A specially crafted network request can lead to a denial of service. An attacker can impersonate the legitimate server to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
GeoVision Inc.GeoVisionV20.0.2affected
GeoVision Inc.GeoVisionV20.1.0.0unaffected

Weaknesses

  • CWE-121: CWE-121 Stack-based buffer overflow

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References