CVE-2026-12488

MEDIUM

GeoVision GV-VMS V20 GV-Cloud memory corruption vulnerability

Title source: cna
STIX 2.1

Description

A memory corruption vulnerability exists in the GV-Cloud functionality of GeoVision GV-VMS V20 20.0.2.  A specially crafted network request can lead to a denial of service. An attacker can impersonate the legitimate server to trigger this vulnerability.

References (3)

Core 3

Scores

CVSS v3 6.2
EPSS 0.0020
EPSS Percentile 9.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-121
Status published
Products (2)
GeoVision Inc./GeoVision V20.0.2
GeoVision Inc./GeoVision V20.1.0.0
Published Jun 24, 2026
Tracked Since Jun 24, 2026