CVE-2026-42368
Modified Modified - Updated After Analysis
Privilege Escalation in GeoVision LPC2211 Web Interface

Publication date: 2026-05-04

Last updated on: 2026-06-15

Assigner: 0df08a0e-a200-4957-9bb0-084f562506f9

Description
A privilege escalation vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to execute priviledged operation. An attacker can visit a webpage to trigger this vulnerability.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-04
Last Modified
2026-06-15
Generated
2026-06-16
AI Q&A
2026-05-04
EPSS Evaluated
2026-06-15
NVD
CVE-2026-42368
EUVD
EUVD-2026-26859
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
geovision gv-lpc2011_firmware 1.10
geovision gv-lpc2211_firmware 1.10
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-266 A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The provided information does not explicitly address how the CVE-2026-42368 vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.

Executive Summary

This vulnerability is a privilege escalation issue found in the Web Interface functionality of GeoVision LPC2011 and LPC2211 version 1.10. It allows an attacker to execute privileged operations by sending a specially crafted HTTP request. The attacker can trigger this vulnerability simply by visiting a malicious webpage.

Impact Analysis

The vulnerability can have severe impacts as it allows an attacker to escalate privileges and perform high-level operations without authorization. According to the CVSS score of 9.9, it can lead to complete compromise of confidentiality, integrity, and availability of the affected system.

Mitigation Strategies

GeoVision follows a structured vulnerability management process that includes discovery, analysis, prioritization, and solution updates with follow-up.

For critical vulnerabilities like this privilege escalation in GeoVision LPC2011/LPC2211, GeoVision triggers unscheduled updates and provides detailed documentation to assist users in applying fixes.

Therefore, the immediate step to mitigate this vulnerability is to promptly apply any unscheduled security updates or patches released by GeoVision for the affected products.

Additionally, monitoring GeoVision's official cybersecurity advisories and applying recommended security best practices for network devices is advised.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-42368. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart