CVE-2026-12847
GeoVision · GV-I/O Box 4E
A stack-based buffer overflow vulnerability in the GeoVision GV-I/O Box 4E DVRSearch service allows unauthenticated remote attackers to execute arbitrary code via crafted UDP packets.
Executive summary
The GeoVision GV-I/O Box 4E is affected by a critical stack-based buffer overflow in its DVRSearch service that allows unauthenticated remote code execution.
Vulnerability
This vulnerability involves a stack-based buffer overflow in the DVRSearch service, triggered when processing network configuration data. An unauthenticated attacker can send a malicious UDP packet to port 10001, causing memory corruption and potential code execution.
Business impact
A successful exploit grants an attacker full control over the affected I/O device, which may be leveraged to manipulate physical relays or pivot into the internal network. Given the CVSS score of 10.0, this represents a maximum-severity risk that could lead to complete system compromise and severe operational disruption.
Remediation
Immediate Action: Update the firmware of all affected GeoVision GV-I/O Box 4E units to the latest version provided by the vendor.
Proactive Monitoring: Inspect network traffic for anomalous UDP packets directed at port 10001 and monitor device logs for unexpected service restarts.
Compensating Controls: Restrict network access to the GV-I/O Box 4E using firewall rules, ensuring the device is not reachable from untrusted networks or the public internet.
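One way to implement the Proactive Monitoring step, as an added example that is not part of the original advisory or any vendor tooling: a filter over flow or firewall log records that flags UDP traffic to port 10001 on known I/O boxes when it comes from outside the management network or carries an unusually large payload. The log format, device addresses, management subnet and size baseline are all assumptions; the advisory gives no packet format or size, so the threshold is a placeholder to tune against your own normal traffic.

```python
import ipaddress

# Assumptions (not from the advisory): device inventory, management subnet,
# log format "ts src dst proto dport payload_len", and the size baseline.
IO_BOXES = {ipaddress.ip_address("10.20.0.15"), ipaddress.ip_address("10.20.0.16")}
MGMT_NETS = [ipaddress.ip_network("10.20.9.0/24")]
DVRSEARCH_PORT = 10001          # UDP port named in the advisory
BASELINE_MAX_PAYLOAD = 256      # placeholder; derive from your own normal traffic

# Constructed sample records, not real traffic.
SAMPLE_LOG = """\
2026-01-10T08:00:01Z 10.20.9.5 10.20.0.15 udp 10001 64
2026-01-10T08:00:07Z 10.20.9.5 10.20.0.15 udp 10001 1400
2026-01-10T08:01:12Z 192.0.2.44 10.20.0.16 udp 10001 80
2026-01-10T08:01:13Z 192.0.2.44 10.20.0.16 tcp 80 500
2026-01-10T08:02:00Z 10.20.9.7 10.20.0.99 udp 10001 2000
malformed line
"""

def parse(line):
    """Return (ts, src, dst, proto, dport, size) or None for unparseable lines."""
    parts = line.split()
    if len(parts) != 6:
        return None
    ts, src, dst, proto, dport, size = parts
    try:
        return (ts, ipaddress.ip_address(src), ipaddress.ip_address(dst),
                proto.lower(), int(dport), int(size))
    except ValueError:
        return None

def find_alerts(log_text):
    """Flag suspicious UDP/10001 records aimed at inventoried I/O boxes."""
    alerts = []
    for rec in filter(None, map(parse, log_text.splitlines())):
        ts, src, dst, proto, dport, size = rec
        if proto != "udp" or dport != DVRSEARCH_PORT or dst not in IO_BOXES:
            continue
        reasons = []
        if not any(src in net for net in MGMT_NETS):
            reasons.append("source outside management network")
        if size > BASELINE_MAX_PAYLOAD:
            reasons.append("payload larger than baseline")
        if reasons:
            alerts.append((ts, str(src), str(dst), reasons))
    return alerts

if __name__ == "__main__":
    for alert in find_alerts(SAMPLE_LOG):
        print(alert)
```

Any hit from a source outside the management network also indicates that the firewall restriction described under Compensating Controls is missing or not effective for that path.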
Exploitation status
Public Exploit Available: Unknown
Analyst recommendation
The severity of this vulnerability necessitates immediate action. Organizations utilizing GeoVision GV-I/O Box 4E devices must prioritize firmware updates and network isolation to prevent unauthorized remote access and potential physical manipulation of connected systems.