Local Privilege Escalation in GV Edge Recording Manager by GeoVision

CVE-2026-4606

What is CVE-2026-4606?

CVE-2026-4606 is a local privilege escalation vulnerability found in the GV Edge Recording Manager (ERM) software by GeoVision, version 2.3.1. GV ERM is designed for managing video surveillance systems, enabling users to handle various aspects of video capture and storage. The vulnerability arises due to improper handling of application components that run with SYSTEM-level privileges. This flaw allows a local user to gain elevated privileges, potentially leading to complete control over the operating system. When the ERM application is launched, it spawns processes under SYSTEM privileges instead of the appropriate user context, which poses a significant security concern. Functions such as 'Import Data' expose the operating system to risks by allowing users to access file dialogs that operate with elevated permissions, leading to unauthorized modification or deletion of critical system files and directories.

Potential impact of CVE-2026-4606

1. Full System Compromise: The vulnerability can enable an attacker with local access to escalate their privileges to the highest level, potentially leading to total control over the system, allowing for the execution of arbitrary code and malicious activities.

2. Data Integrity Risks: By exploiting this vulnerability, an attacker could modify or delete essential system files and directories, compromising the integrity of the data managed by the software and possibly causing system outages or failures.

3. Increased Attack Surface: With SYSTEM-level access, an attacker could deploy further attacks or malware within the network environment, increasing the risk of data breaches and facilitating lateral movement across connected systems.

References