CVE-2026-4606
Deferred Deferred - Pending Action
Local Privilege Escalation in GV Edge ERM via SYSTEM-Level Service

Publication date: 2026-03-23

Last updated on: 2026-05-19

Assigner: 0df08a0e-a200-4957-9bb0-084f562506f9

Description
GV Edge Recording Manager (ERM) v2.3.1 improperly runs application components with SYSTEM-level privileges, allowing any local user to gain full control of the operating system.  During installation, ERM creates a Windows service that runs under the LocalSystem account.  When the ERM application is launched, related processes are spawned under SYSTEM privileges rather than the security context of the logged-in user.  Functions such as 'Import Data' open a Windows file dialog operating with SYSTEM permissions, enabling modification or deletion of protected system files and directories.  Any ERM function invoking Windows file open/save dialogs exposes the same risk.  This vulnerability allows local privilege escalation and may result in full system compromise.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-23
Last Modified
2026-05-19
Generated
2026-06-16
AI Q&A
2026-03-23
EPSS Evaluated
2026-06-15
NVD
CVE-2026-4606
EUVD
EUVD-2026-14346
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
gv_edge_recording_manager erm 2.3.1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-250 The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

GV Edge Recording Manager (ERM) version 2.3.1 runs application components with SYSTEM-level privileges improperly. This means that any local user on the system can gain full control over the operating system.

During installation, ERM creates a Windows service that runs under the LocalSystem account. When the ERM application is launched, its related processes run with SYSTEM privileges instead of the logged-in user's security context.

Functions like 'Import Data' open Windows file dialogs that operate with SYSTEM permissions, allowing modification or deletion of protected system files and directories. Any ERM function that invokes Windows file open/save dialogs exposes this risk.

Overall, this vulnerability allows local privilege escalation and may lead to full system compromise.

Impact Analysis

This vulnerability can allow any local user to escalate their privileges to SYSTEM level, effectively gaining full control over the affected operating system.

With SYSTEM-level access, an attacker can modify or delete protected system files and directories, potentially leading to system instability, data loss, or unauthorized access to sensitive information.

The full system compromise risk means that attackers could install malware, create backdoors, or disrupt normal system operations.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-4606. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart