CVE-2026-13125
GeoVision · GeoWebPlayer
The GeoVision GeoWebPlayer addon, used in various VMS and Cloud products, contains a high-severity vulnerability potentially leading to unauthorized system access.
Executive summary
A high-severity vulnerability in the GeoVision GeoWebPlayer component threatens the security of video management systems, potentially allowing unauthorized access to surveillance infrastructure.
Vulnerability
This vulnerability affects the GeoWebPlayer (also known as Web Plugin or WS Player). While technical details remain limited, the flaw permits an attacker to interact with the software in an unauthorized manner, likely through the browser-based addon interface.
Business impact
The CVSS score of 8.8 reflects the high risk posed to physical security infrastructure. Successful exploitation could allow unauthorized individuals to access live video feeds, modify surveillance settings, or leverage the compromised system as a pivot point for further lateral movement within the corporate network.
Remediation
Immediate Action: Apply all vendor-supplied security updates for GeoVision software, including the GeoWebPlayer.
Proactive Monitoring: Monitor network traffic to and from video management servers for unusual spikes or unauthorized access attempts from external or untrusted internal segments.
Compensating Controls: Restrict access to the GeoVision management web interfaces to trusted IP addresses only and ensure that the VMS is isolated on a dedicated management network.
Exploitation status
Public Exploit Available: false
Analyst recommendation
Given the critical role of video management systems in security and safety, patching the GeoWebPlayer component is an urgent priority. Organizations should verify the version of the plugin across all deployed clients and ensure that the latest vendor patches are applied to prevent remote unauthorized access.