CVE-2026-57880

GeoVision · GV-LPC2011/2211

An unauthenticated stack-based buffer overflow in the ssvr component of GeoVision GV-LPC2011/2211 allows remote attackers to execute arbitrary code via crafted RTSP Digest authentication fields.

Executive summary

A critical buffer overflow vulnerability in GeoVision GV-LPC2011/2211 allows unauthenticated remote attackers to compromise the system through malicious RTSP authentication requests.

Vulnerability

The vulnerability is located in the ssvr process, specifically during the parsing of RTSP Digest authentication fields. By providing overly long authentication data in an RTSP request, an unauthenticated attacker can cause a stack-based buffer overflow.

Business impact

The CVSS score of 9.8 underscores the critical nature of this flaw, which allows for remote code execution. Potential consequences include unauthorized access to device management functions, data theft, or a complete denial of service, significantly impacting business continuity.

Remediation

Immediate Action: Update the affected GeoVision firmware to the latest available version as specified in the manufacturer's security advisory.

Proactive Monitoring: Monitor network traffic for anomalous RTSP authentication patterns, in particular Digest authentication fields that are far longer than legitimate clients send, and watch for unexpected device behavior or crashes of the ssvr service.

Compensating Controls: If patching is not immediately feasible, isolate the affected devices on a restricted VLAN and limit RTSP access to trusted administrative workstations.
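One way to implement the monitoring step above: added example code (not GeoVision's or the advisory's) that parses an RTSP request and flags any Digest authentication parameter longer than an assumed threshold. MAX_FIELD_LEN, the host name camera.example and the sample requests are constructed, not taken from captured traffic.

```python
import re
from typing import Dict, List, Tuple

# Assumed per-parameter length ceiling for Digest fields (username, realm,
# nonce, uri, response, ...). Not a value from the advisory: derive it from
# the legitimate client traffic on your own network.
MAX_FIELD_LEN = 256

# key="quoted value"  or  key=bare-token  inside a Digest header value.
_PARAM_RE = re.compile(r'(\w+)\s*=\s*(?:"([^"]*)"|([^,\s]*))')


def parse_digest_params(header_value: str) -> Dict[str, str]:
    """Split an 'Authorization' value into Digest parameters; {} if not Digest."""
    scheme, _, rest = header_value.strip().partition(" ")
    if scheme.lower() != "digest":
        return {}
    params = {}
    for m in _PARAM_RE.finditer(rest):
        quoted, bare = m.group(2), m.group(3)
        params[m.group(1).lower()] = quoted if quoted is not None else bare
    return params


def inspect_rtsp_request(raw: bytes) -> List[Tuple[str, int]]:
    """Return [(field, length)] for every Digest parameter longer than
    MAX_FIELD_LEN; an empty list means no oversized field (or no Digest auth)."""
    head = raw.decode("latin-1").split("\r\n\r\n", 1)[0]
    findings = []
    for line in head.split("\r\n")[1:]:            # skip the request line
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "authorization":
            for field, val in parse_digest_params(value).items():
                if len(val) > MAX_FIELD_LEN:
                    findings.append((field, len(val)))
    return findings


def make_request(username: bytes) -> bytes:
    """Constructed DESCRIBE request with Digest auth (sample data, not a capture)."""
    return (b"DESCRIBE rtsp://camera.example/stream RTSP/1.0\r\n"
            b"CSeq: 2\r\n"
            b'Authorization: Digest username="' + username + b'", '
            b'realm="GeoVision", nonce="5f1c9a", '
            b'uri="rtsp://camera.example/stream", '
            b'response="d41d8cd98f00b204e9800998ecf8427e"\r\n\r\n')


if __name__ == "__main__":
    print("benign:", inspect_rtsp_request(make_request(b"operator")))
    print("oversized:", inspect_rtsp_request(make_request(b"A" * 600)))
```

Run the check on a span port or IDS tap rather than inline, so a flagged request produces an alert without adding a new failure point in front of the cameras.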

Exploitation status

Public Exploit Available: Unknown

Analyst recommendation

This vulnerability provides an unauthenticated path for remote code execution, making it a severe risk. Organizations must ensure that firmware updates are applied across all affected devices to eliminate the underlying memory corruption flaw.