CVE-2026-4606 | GV Edge Recording Manager (ERM) v2.3.1 improperly runs appli… | CVSS 10.0 CRITICAL

Description

GV Edge Recording Manager (ERM) v2.3.1 improperly runs application components with SYSTEM-level privileges, allowing any local user to gain full control of the operating system. During installation, ERM creates a Windows service that runs under the LocalSystem account. When the ERM application is launched, related processes are spawned under SYSTEM privileges rather than the security context of the logged-in user. Functions such as 'Import Data' open a Windows file dialog operating with SYSTEM permissions, enabling modification or deletion of protected system files and directories. Any ERM function invoking Windows file open/save dialogs exposes the same risk. This vulnerability allows local privilege escalation and may result in full system compromise.

Metadata

CVE ID: CVE-2026-4606
State: PUBLISHED
Assigner: GV
Reserved: 2026-03-23 00:46 UTC
Published: 2026-03-23 01:05 UTC
Last updated: 2026-03-24 03:56 UTC
Primary CWE: CWE-250
CWE-250 Execution with unnecessary privileges
Vendor / Product: GeoVision / GV-Edge Recording Manager
Sources: cve.org · NVD

Severity & Metrics

10.0 CRITICAL CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:N/AU:N/R:I/V:C/RE:M/U:Green

SSVC — CISA Coordinator

Exploitation: none
Automatable: yes
Tech. Impact: total

Affected products (1)

Vendor	Product	Platform	Versions
GeoVision	GV-Edge Recording Manager	Windows	2.3.1, 2.3.2

Weakness (CWE)

CWE	Source	Description
CWE-250	cna	CWE-250 Execution with unnecessary privileges

CVSS scores (1)

Score	Severity	Version	Source	Vector
10.0	CRITICAL	4.0	cna	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:N/AU:N/R:I/V:C/RE:M/U:Green

References (1)

https://https://www.geovision.com.tw/cyber_security.php