CVE-2026-1241 | THREATINT

Description

The Pelco, Inc. Sarix Professional 3 Series Cameras are vulnerable to an authentication bypass issue in their web management interface. The flaw stems from inadequate enforcement of access controls, allowing certain functionality to be accessed without proper authentication. This weakness can lead to unauthorized viewing of live video streams, creating privacy concerns and operational risks for organizations relying on these cameras. Additionally, it may expose operators to regulatory and compliance challenges.

PUBLISHED Reserved 2026-01-20 | Published 2026-02-26 | Updated 2026-02-26 | Assigner icscert

HIGH: 8.7CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-288 Authentication Bypass Using an Alternate Path or Channel

Product status

Default status

unaffected

Any version

affected

Default status

unaffected

Any version

affected

Default status

unaffected

Any version

affected

Default status

unaffected

Any version

affected

Credits

Souvik Kandar reporter

References

www.cisa.gov/news-events/ics-advisories/icsa-26-057-02

cve.org (CVE-2026-1241)

nvd.nist.gov (CVE-2026-1241)

Download JSON