CVE-2026-12846
GeoVision · GV-I/O Box 4E
A stack-based buffer overflow in the DVRSearch service allows unauthenticated remote attackers to execute arbitrary code via crafted UDP packets.
Executive summary
The GeoVision GV-I/O Box 4E is susceptible to a critical stack-based buffer overflow vulnerability that allows unauthenticated remote code execution.
Vulnerability
The vulnerability exists within the DVRSearch service, which listens for UDP messages on port 10001. An unauthenticated attacker can send a specially crafted datagram whose contents are copied into a fixed-size stack buffer with memcpy without adequate bounds checking, overflowing the stack and allowing arbitrary code execution in the context of the service. Because the transport is UDP, no handshake or session is required: a single datagram reaching the port is enough to trigger the bug, and the source address can be spoofed.
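To make the mechanism concrete, the following is an added illustration of the bug class described above; it is not GeoVision firmware, not the DVRSearch protocol, and not derived from the affected binary. It shows a handler that copies a datagram-supplied length into a fixed stack buffer with memcpy, beside a hardened version that validates that length before copying. The wire format (a 2-byte big-endian length prefix), the 64-byte buffer size and all function names are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed illustration of the bug class in the advisory, not the real
 * DVRSearch code.  Assumed wire format: a 2-byte big-endian length field
 * followed by that many bytes of data; the copy target is a 64-byte stack
 * buffer.  The real protocol, field names and buffer size are unknown. */

#define NAME_BUF 64

/* Vulnerable handler.  The length comes straight from the datagram and is
 * never compared with the destination buffer, so a datagram claiming more
 * than NAME_BUF bytes writes past 'name' into the saved frame pointer and
 * return address: the condition that lets a remote sender hijack control
 * flow.  Kept here only to show the pattern; nothing below calls it with
 * an oversized length. */
int handle_vulnerable(const uint8_t *pkt, size_t pkt_len)
{
    char name[NAME_BUF];

    if (pkt_len < 2)
        return -1;
    size_t claimed = ((size_t)pkt[0] << 8) | pkt[1];
    memcpy(name, pkt + 2, claimed);   /* BUG: no check against NAME_BUF or pkt_len */
    return (int)claimed;
}

/* Hardened handler.  The claimed length is checked against the bytes the
 * datagram actually carries (no over-read) and against the destination
 * (no over-write, with room for a terminator).  On any violation nothing
 * is copied and -1 is returned. */
int handle_hardened(const uint8_t *pkt, size_t pkt_len,
                    char *out, size_t out_len)
{
    if (pkt == NULL || out == NULL || out_len == 0 || pkt_len < 2)
        return -1;
    size_t claimed = ((size_t)pkt[0] << 8) | pkt[1];
    if (claimed > pkt_len - 2)        /* datagram shorter than it claims */
        return -1;
    if (claimed >= out_len)           /* would overflow the buffer */
        return -1;
    memcpy(out, pkt + 2, claimed);
    out[claimed] = '\0';
    return (int)claimed;
}

/* Three constructed datagrams that exercise the checks. */

/* Well-formed: claims 5 bytes, carries 5 bytes. */
int demo_valid(void)
{
    const uint8_t pkt[] = { 0x00, 0x05, 'H', 'e', 'l', 'l', 'o' };
    char out[NAME_BUF];
    int n = handle_hardened(pkt, sizeof pkt, out, sizeof out);
    return (n == 5 && strcmp(out, "Hello") == 0) ? n : -2;
}

/* Oversized: claims and carries 200 bytes, far beyond the 64-byte target.
 * This is the shape of input that overflows handle_vulnerable. */
int demo_oversized(void)
{
    uint8_t pkt[2 + 200];
    char out[NAME_BUF];
    pkt[0] = 0x00; pkt[1] = 200;
    memset(pkt + 2, 'A', 200);
    return handle_hardened(pkt, sizeof pkt, out, sizeof out);
}

/* Truncated: claims 200 bytes but the datagram holds only 3; the
 * vulnerable version would also read 197 bytes past the end of the packet. */
int demo_truncated(void)
{
    const uint8_t pkt[] = { 0x00, 200, 'a', 'b', 'c' };
    char out[NAME_BUF];
    return handle_hardened(pkt, sizeof pkt, out, sizeof out);
}

int main(void)
{
    printf("valid=%d oversized=%d truncated=%d\n",
           demo_valid(), demo_oversized(), demo_truncated());
    return 0;
}
```

The two checks in handle_hardened are independent and both are needed: checking only against the buffer still lets a short datagram cause an over-read of whatever follows it in memory, and checking only against the received length still lets a long datagram overflow the stack.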
Business impact
With a CVSS score of 10.0, this vulnerability represents the highest level of risk. Successful exploitation grants an attacker full control over the embedded device, from which they can disrupt the physical security controls wired to the I/O box or use the device as a foothold for lateral movement into the internal network.
Remediation
Immediate Action: Update the firmware of the GeoVision GV-I/O Box 4E to the latest available version provided by the vendor.
Proactive Monitoring: Monitor network traffic for UDP datagrams directed at port 10001 from hosts other than known management stations, and in particular for unusually large payloads. Failed exploitation attempts commonly crash the target process, so unexpected restarts of the DVRSearch service, watchdog reboots of the device, or unexplained configuration changes in the logs should be treated as possible signs of attack.
Compensating Controls: Implement strict network segmentation and use a firewall to restrict access to the device's management ports so that only authorized management stations can reach the service. Note that because the service is UDP, filtering on source address alone can be defeated by spoofed packets; the reliable control is to place the device on a segment where port 10001 is not reachable from untrusted networks at all.
Exploitation status
Public Exploit Available: No
Analyst recommendation
This vulnerability presents a critical threat to infrastructure integrity. Administrators must prioritize applying the vendor's firmware patch immediately to eliminate the risk of remote exploitation. Where patching is not immediately feasible, ensure that UDP port 10001 on the affected devices is not reachable from the internet or from any untrusted network segment until the update can be applied.