CVE-2026-0541
Improper Input Validation in ACAP Applications Leads to Privilege Escalation

Publication date: 2026-05-12

Last updated on: 2026-05-12

Assigner: Axis Communications AB

Description
ACAP applications can gain elevated privileges due to improper input validation during the installation process, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.
Meta Information
Published: 2026-05-12
Last Modified: 2026-05-12
Generated: 2026-05-12
AI Q&A: 2026-05-12
EPSS Evaluated: N/A
Affected Vendors & Products
Vendor | Product | Version / Range
axis | axis_os | From 12.0.0 (inc) to 12.9.31 (inc)
CWE ID | Description
CWE-732 | The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
AI Powered Q&A
How can this vulnerability impact me?

If exploited, this vulnerability can lead to privilege escalation on the affected Axis device.

An attacker who successfully tricks a victim into installing a malicious, unsigned ACAP application could gain higher-level access than intended, potentially compromising the device's security.

This could result in unauthorized control over the device, leading to confidentiality, integrity, and availability impacts.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by checking if the Axis device is configured to allow the installation of unsigned ACAP applications, as exploitation requires this setting to be enabled.

Additionally, verifying the installed ACAP applications for any unsigned or suspicious applications could help identify potential exploitation.

As of now, no public exploits or specific detection commands are known or provided.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, immediately update your Axis device software to Active Track version 12.9.32 or later, where the issue has been patched.

Also, disable the installation of unsigned ACAP applications on your device to prevent potential exploitation.

If you require further assistance, contact Axis Technical Support or refer to the Axis vulnerability management portal.


Can you explain this vulnerability to me?

CVE-2026-0541 is a vulnerability in AXIS OS versions 12.0.0 to 12.9.31 involving improper input validation during the installation of ACAP applications.

This flaw allows an attacker to gain elevated privileges (privilege escalation) if the Axis device is configured to allow the installation of unsigned ACAP applications and if the attacker convinces a victim to install a malicious, unsigned ACAP application.

The vulnerability is classified under CWE-732 (Incorrect Permission Assignment for Critical Resource) and has a CVSSv3.1 base score of 6.7, indicating a medium severity level.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The vulnerability allows privilege escalation through improper input validation during the installation of unsigned ACAP applications, potentially leading to unauthorized access or control over the Axis device.

Such unauthorized privilege escalation could impact compliance with standards and regulations like GDPR and HIPAA, which require strict controls over access to sensitive data and systems to ensure confidentiality, integrity, and availability.

However, the provided information does not explicitly discuss or analyze the direct impact of this vulnerability on compliance with these or other common standards and regulations.

