CVE-2026-42368
Analyzed Analyzed - Analysis Complete
Privilege Escalation in GeoVision LPC2211 Web Interface

Publication date: 2026-05-04

Last updated on: 2026-05-05

Assigner: 0df08a0e-a200-4957-9bb0-084f562506f9

Description
A privilege escalation vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to execute priviledged operation. An attacker can visit a webpage to trigger this vulnerability.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-04
Last Modified
2026-05-05
Generated
2026-05-07
AI Q&A
2026-05-04
EPSS Evaluated
2026-05-05
NVD
CVE-2026-42368
EUVD
EUVD-2026-26859
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
geovision gv-lpc2011_firmware 1.10
geovision gv-lpc2211_firmware 1.10
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-266 A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a privilege escalation issue found in the Web Interface functionality of GeoVision LPC2011 and LPC2211 version 1.10. It allows an attacker to execute privileged operations by sending a specially crafted HTTP request. The attacker can trigger this vulnerability simply by visiting a malicious webpage.


How can this vulnerability impact me? :

The vulnerability can have severe impacts as it allows an attacker to escalate privileges and perform high-level operations without authorization. According to the CVSS score of 9.9, it can lead to complete compromise of confidentiality, integrity, and availability of the affected system.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

The provided information does not explicitly address how the CVE-2026-42368 vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.


What immediate steps should I take to mitigate this vulnerability?

GeoVision follows a structured vulnerability management process that includes discovery, analysis, prioritization, and solution updates with follow-up.

For critical vulnerabilities like this privilege escalation in GeoVision LPC2011/LPC2211, GeoVision triggers unscheduled updates and provides detailed documentation to assist users in applying fixes.

Therefore, the immediate step to mitigate this vulnerability is to promptly apply any unscheduled security updates or patches released by GeoVision for the affected products.

Additionally, monitoring GeoVision's official cybersecurity advisories and applying recommended security best practices for network devices is advised.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart