Gallery

Contacts

405 W. Greenlawn Ave Lansing, Michigan 48910

contact@techjacksolutions.com

+1-616-320-4064

A critical stack-based buffer overflow in the GeoVision GV-I/O Box 4E DVRSearch service allows any unauthenticated attacker on the network to execute arbitrary code on the device by sending a single crafted UDP packet. The vulnerability carries a maximum CVSS score of 10.0 and requires no credentials, no user interaction, and no special access; any host that can reach UDP port 10001 is a potential attacker. Organizations with these devices on operational technology networks, building management systems, or perimeter-accessible segments face immediate risk of device compromise, physical access system manipulation, and lateral movement.

Author

Tech Jacks Solutions