In a major security alert for the surveillance industry, GeoVision has disclosed a critical vulnerability in its GV-Edge Recording Manager (ERM) software. The flaw, tracked as CVE-2026-4606, carries a maximum CVSS v4 score of 10.0, representing the highest possible level of risk to affected systems.
The vulnerability allows any local user to bypass standard security boundaries and gain full, unrestricted control over the host operating system.
The technical root of the problem lies in how the application manages its internal processes. According to the advisory, GV-Edge Recording Manager V2.3.1 and earlier “improperly runs application components with SYSTEM-level privileges”.
When the software is installed, it creates a Windows service that operates under the Local System account. This is one of the most powerful accounts on a Windows machine, possessing significantly more authority than a standard administrator. The critical failure occurs because “when the ERM application is launched, related processes are spawned under SYSTEM privileges rather than the security context of the logged-in user”.
Attackers can exploit this elevated state through routine software functions. For example, common features like ‘Import Data’ trigger a standard Windows file dialog. Because the parent process is running as SYSTEM, this dialog also operates with SYSTEM permissions.
“Any ERM function invoking Windows file open/save dialogs exposes the same risk,” the advisory warns. Through these dialogs, a low-privileged user can browse, modify, or even delete protected system files and directories that should be completely off-limits. This chain of events “allows local privilege escalation and may result in full system compromise”.
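A defender-side audit for the condition the advisory describes, processes running as SYSTEM inside a logged-in user's desktop session. This is an added example, not code from GeoVision's advisory; the function name `Get-SystemProcessInUserSession` and the allowlist of expected Windows processes are assumptions to adjust per host.

```powershell
# Added example: list processes owned by Local System (SID S-1-5-18) that run
# in an interactive session instead of session 0, where services normally live.
# Assumption: this allowlist of Windows components is a starting point only.
$ExpectedSystemProcesses = @('csrss.exe', 'winlogon.exe', 'LogonUI.exe', 'consent.exe')

function Get-SystemProcessInUserSession {
    [CmdletBinding()]
    param(
        [string[]]$Allowlist = $ExpectedSystemProcesses
    )

    # Session 0 hosts services; any other session id belongs to a logon session.
    $candidates = Get-CimInstance -ClassName Win32_Process -Filter 'SessionId <> 0'

    foreach ($proc in $candidates) {
        # -contains is case-insensitive, so 'CSRSS.EXE' matches 'csrss.exe'.
        if ($Allowlist -contains $proc.Name) { continue }

        # GetOwnerSid can fail for protected or already-exited processes; skip those.
        $owner = Invoke-CimMethod -InputObject $proc -MethodName GetOwnerSid -ErrorAction SilentlyContinue
        if (-not $owner -or $owner.ReturnValue -ne 0) { continue }

        # Compare by SID, because the account name is localized on non-English Windows.
        if ($owner.Sid -eq 'S-1-5-18') {
            [pscustomobject]@{
                Name        = $proc.Name
                ProcessId   = $proc.ProcessId
                ParentId    = $proc.ParentProcessId
                SessionId   = $proc.SessionId
                Path        = $proc.ExecutablePath
                CommandLine = $proc.CommandLine
            }
        }
    }
}

# Run from an elevated prompt so owners of other users' processes resolve.
Get-SystemProcessInUserSession | Sort-Object SessionId, Name | Format-Table -AutoSize
```

Any result whose `Path` points into an application's install directory is a process with a user-facing window running as SYSTEM, which is the state that makes its file open/save dialogs a privilege boundary problem.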
The vulnerability impacts the following product version:
- GV-Edge Recording Manager: Version V2.3.1 or earlier
The reported vulnerability has been fully resolved in the latest software release.
Security teams and system administrators are urged to download and install GV-Edge Recording Manager V2.3.2 or later from the official GeoVision download page immediately.