CVE-2026-12485

GeoVision · GV-I/O Box 4E

The GeoVision GV-I/O Box 4E contains a stack-based buffer overflow in the DVRSearch service, allowing unauthenticated attackers to trigger remote code execution via malformed UDP packets.

Executive summary

A critical stack-based buffer overflow in the GeoVision GV-I/O Box 4E allows unauthenticated remote attackers to execute arbitrary code by sending crafted UDP packets to the device.

Vulnerability

The DVRSearch service, which listens on UDP port 10001, contains a stack-based buffer overflow. An attacker can send a malformed UDP message that, when processed, causes an out-of-bounds copy into a local buffer, leading to memory corruption and potential code execution.

Business impact

The CVSS score of 10.0 reflects the critical nature of this vulnerability, as it allows unauthenticated remote code execution on an embedded device. An attacker could gain full control over the I/O Box, potentially manipulating physical relays or using the device as a foothold for further attacks on the internal network.

Remediation

Immediate Action: Consult the official GeoVision security advisory and apply the latest firmware update to address the buffer overflow in the DVRSearch service.

Proactive Monitoring: Monitor network traffic for unusual or malformed UDP packets sent to port 10001 and review device logs for signs of service crashes or unauthorized access.

Compensating Controls: If patching is delayed, isolate the GV-I/O Box 4E on a restricted VLAN and block external access to port 10001 at the network perimeter.
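Monitoring example: the triage below is an added illustration of the Proactive Monitoring step, not code from GeoVision or from this advisory. It reads flow records and flags UDP traffic to port 10001 that comes from outside a management network or carries an unusually large payload. The record format, the management subnet, the length threshold and the sample records are assumptions constructed for the example; the advisory does not describe the DVRSearch message format, so set the threshold from your own known-good traffic.

```python
import ipaddress

DVRSEARCH_PORT = 10001  # UDP port of the DVRSearch service, from the advisory
# Assumptions for this example (not from the advisory):
MGMT_NETS = [ipaddress.ip_network("10.20.30.0/24")]  # hosts allowed to reach the device
MAX_BASELINE_LEN = 256  # largest payload seen in your own known-good traffic

# Constructed flow records: "timestamp proto src dst dport payload_len"
SAMPLE_FLOWS = """\
2026-01-10T08:00:01Z udp 10.20.30.5 10.20.40.17 10001 64
2026-01-10T08:00:09Z udp 192.0.2.44 10.20.40.17 10001 72
2026-01-10T08:01:13Z udp 10.20.30.5 10.20.40.17 10001 1400
2026-01-10T08:01:20Z tcp 10.20.30.5 10.20.40.17 80 310
malformed line
2026-01-10T08:02:02Z udp 198.51.100.9 10.20.40.17 10001 1472
"""

def parse_flow(line):
    """Return a dict for one record, or None if the line is not parseable."""
    parts = line.split()
    if len(parts) != 6:
        return None
    ts, proto, src, dst, dport, plen = parts
    try:
        return {"ts": ts, "proto": proto.lower(),
                "src": ipaddress.ip_address(src), "dst": dst,
                "dport": int(dport), "len": int(plen)}
    except ValueError:
        return None

def triage(flows_text):
    """Return (timestamp, source, reasons) for suspicious DVRSearch traffic."""
    alerts = []
    for line in flows_text.splitlines():
        rec = parse_flow(line)
        if rec is None or rec["proto"] != "udp" or rec["dport"] != DVRSEARCH_PORT:
            continue
        reasons = []
        if not any(rec["src"] in net for net in MGMT_NETS):
            reasons.append("source outside management network")
        if rec["len"] > MAX_BASELINE_LEN:
            reasons.append("payload larger than baseline")
        if reasons:
            alerts.append((rec["ts"], str(rec["src"]), reasons))
    return alerts

if __name__ == "__main__":
    for ts, src, reasons in triage(SAMPLE_FLOWS):
        print(ts, src, "; ".join(reasons))
```

Any alert for a source outside the management network also indicates that the Compensating Controls block on port 10001 is not in effect on that path.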

Exploitation status

Public Exploit Available: Unknown

Analyst recommendation

Given the maximum severity score and the lack of authentication required to trigger this vulnerability, immediate remediation is mandatory. System administrators should prioritize firmware updates or network-level isolation to prevent unauthorized access to these embedded devices.