{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-24T14:16:24.799","vulnerabilities":[{"cve":{"id":"CVE-2026-1241","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2026-02-26T20:31:33.657","lastModified":"2026-06-17T10:15:22.843","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Pelco, Inc. Sarix Professional 3 Series Cameras are vulnerable to an authentication bypass issue in their web management interface. The flaw stems from inadequate enforcement of access controls, allowing certain functionality to be accessed without proper authentication. This weakness can lead to unauthorized viewing of live video streams, creating privacy concerns and operational risks for organizations relying on these cameras. Additionally, it may expose operators to regulatory and compliance challenges."},{"lang":"es","value":"Las cámaras Pelco, Inc. Sarix Professional 3 Series son vulnerables a un problema de omisión de autenticación en su interfaz de gestión web. El fallo se deriva de una aplicación inadecuada de los controles de acceso, permitiendo que cierta funcionalidad sea accedida sin la autenticación adecuada. Esta debilidad puede conducir a la visualización no autorizada de transmisiones de video en vivo, creando preocupaciones de privacidad y riesgos operativos para las organizaciones que dependen de estas cámaras. Además, puede exponer a los operadores a desafíos regulatorios y de cumplimiento."}],"affected":[{"source":"ics-cert@hq.dhs.gov","affectedData":[{"vendor":"Pelco, Inc.","product":"Sarix Professional IMP 3 Series","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"02.52","versionType":"custom","status":"affected"}]},{"vendor":"Pelco, Inc.","product":"Sarix Professional IXP 3 Series","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"02.52","versionType":"custom","status":"affected"}]},{"vendor":"Pelco, Inc.","product":"Sarix Professional IBP 3 Series","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"02.52","versionType":"custom","status":"affected"}]},{"vendor":"Pelco, Inc.","product":"Sarix Professional IWP 3 Series","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"02.52","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-26T20:43:12.875844Z","id":"CVE-2026-1241","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-288"}]}],"references":[{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-057-02","source":"ics-cert@hq.dhs.gov"}]}}]}