CVE-2026-0541
Analyzed Analyzed - Analysis Complete
Improper Input Validation in ACAP Applications Leads to Privilege Escalation

Publication date: 2026-05-12

Last updated on: 2026-05-19

Assigner: Axis Communications AB

Description
ACAP applications can gain elevated privileges due to improper input validation during the installation process, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convincesΒ the victim to install a malicious ACAP application.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-12
Last Modified
2026-05-19
Generated
2026-06-21
AI Q&A
2026-05-12
EPSS Evaluated
2026-06-20
NVD
CVE-2026-0541
EUVD
EUVD-2026-29382
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
axis axis_os From 12.0.0 (inc) to 12.9.32 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-732 The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Impact Analysis

If exploited, this vulnerability can lead to privilege escalation on the affected Axis device.

An attacker who successfully tricks a victim into installing a malicious, unsigned ACAP application could gain higher-level access than intended, potentially compromising the device's security.

This could result in unauthorized control over the device, leading to confidentiality, integrity, and availability impacts.

Detection Guidance

This vulnerability can be detected by checking if the Axis device is configured to allow the installation of unsigned ACAP applications, as exploitation requires this setting to be enabled.

Additionally, verifying the installed ACAP applications for any unsigned or suspicious applications could help identify potential exploitation.

As of now, no public exploits or specific detection commands are known or provided.

Mitigation Strategies

To mitigate this vulnerability, immediately update your Axis device software to Active Track version 12.9.32 or later, where the issue has been patched.

Also, disable the installation of unsigned ACAP applications on your device to prevent potential exploitation.

If you require further assistance, contact Axis Technical Support or refer to the Axis vulnerability management portal.

Executive Summary

CVE-2026-0541 is a vulnerability in AXIS OS versions 12.0.0 to 12.9.31 involving improper input validation during the installation of ACAP applications.

This flaw allows an attacker to gain elevated privileges (privilege escalation) if the Axis device is configured to allow the installation of unsigned ACAP applications and if the attacker convinces a victim to install a malicious, unsigned ACAP application.

The vulnerability is classified under CWE-732 (Incorrect Permission Assignment for Critical Resource) and has a CVSSv3.1 base score of 6.7, indicating a medium severity level.

Compliance Impact

The vulnerability allows privilege escalation through improper input validation during the installation of unsigned ACAP applications, potentially leading to unauthorized access or control over the Axis device.

Such unauthorized privilege escalation could impact compliance with standards and regulations like GDPR and HIPAA, which require strict controls over access to sensitive data and systems to ensure confidentiality, integrity, and availability.

However, the provided information does not explicitly discuss or analyze the direct impact of this vulnerability on compliance with these or other common standards and regulations.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-0541. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart