CVE-2026-57275
GeoVision · GeoWebPlayer
A high-severity vulnerability has been identified in the GeoWebPlayer addon used across multiple GeoVision software platforms.
Executive summary
The GeoVision GeoWebPlayer addon contains a high-severity security flaw that poses a substantial risk to the confidentiality and availability of the affected software.
Vulnerability
This vulnerability resides within the GeoWebPlayer component, an addon utilized by GV-VMS and GV-Cloud, which may allow attackers to exploit flaws in the software's architecture.
Business impact
With a CVSS score of 8.3, this vulnerability represents a critical security gap that could lead to unauthorized system manipulation. Failure to remediate could result in severe operational disruption or the exposure of sensitive video management data to unauthorized actors.
Remediation
Immediate Action: Locate all installations of the GeoWebPlayer addon and apply the latest security updates provided by GeoVision.
Proactive Monitoring: Regularly audit system logs for indicators of compromise and suspicious activity originating from the GeoWebPlayer service.
Compensating Controls: Deploy WAF rules designed to filter malicious requests targeting the GeoWebPlayer interface and restrict access to authorized IP addresses only.
Exploitation status
Public Exploit Available: false
Analyst recommendation
Security administrators must treat this vulnerability as an urgent maintenance item. Prompt application of vendor-recommended updates is required to neutralize the threat and maintain the security posture of the GeoVision software environment.