CVE-2024-12553: CWE-862: Missing Authorization in GeoVision GV-ASManager
CVE-2024-12553 is a medium-severity vulnerability in GeoVision GV-ASManager version 6.1.0, involving missing authorization checks in the GV-ASWeb service. Although exploitation requires authentication, default guest credentials may allow attackers to gain access. The flaw allows remote attackers to disclose sensitive information, including stored credentials, without proper authorization. This information disclosure can lead to further compromise of the affected system. The vulnerability does not impact system integrity or availability directly but poses a significant confidentiality risk. No known exploits are currently reported in the wild. Organizations using GV-ASManager should prioritize verifying and restricting default credentials and monitor for unauthorized access attempts.
AI Analysis
Technical Summary
CVE-2024-12553 is a vulnerability classified under CWE-862 (Missing Authorization) affecting GeoVision's GV-ASManager product, specifically version 6.1.0. The vulnerability resides in the GV-ASWeb service component, where authorization checks are insufficient or absent before granting access to sensitive functionality. This flaw enables remote attackers who have authenticated access—potentially via default guest credentials—to retrieve sensitive information stored within the system, such as credentials. The lack of proper authorization controls means that even authenticated users with minimal privileges can escalate their access to sensitive data. The vulnerability was identified and published by the Zero Day Initiative (ZDI) as ZDI-CAN-25394. The CVSS v3.0 base score is 6.5, reflecting a medium severity level, with the vector indicating network attack vector, low attack complexity, requiring privileges, no user interaction, unchanged scope, high confidentiality impact, and no impact on integrity or availability. While no public exploits have been reported, the presence of default guest credentials significantly lowers the barrier to exploitation. This vulnerability can serve as a stepping stone for attackers to further compromise the system or network by leveraging disclosed credentials.
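The CWE-862 pattern described above, as an added illustration that is not GeoVision's code and does not reflect the GV-ASWeb implementation: a hypothetical credential-export handler that only verifies that the caller is logged in (so a default guest account is served the secrets), beside the same handler with an explicit, deny-by-default authorization check. Session, role and credential names are constructed for the example.

```python
"""Hypothetical handler pair showing CWE-862 (missing authorization).
The vulnerable variant checks *who* the caller is but never *whether*
that caller may read stored credentials; the fixed variant requires an
explicit role. This is illustrative code, not the GV-ASWeb service."""
from dataclasses import dataclass, field


@dataclass
class Session:
    username: str
    roles: frozenset = field(default_factory=frozenset)
    authenticated: bool = False


# Constructed sample of the kind of data such a service might hold.
STORED_CREDENTIALS = {
    "door-controller-01": {"user": "svc_door", "password": "example-only"},
}


class AuthError(Exception):
    """Caller is not logged in."""


class Forbidden(Exception):
    """Caller is logged in but not permitted to perform the action."""


def credentials_handler_vulnerable(session: Session) -> dict:
    # Authentication only: any logged-in account, including a default
    # guest account, is handed the stored credentials.
    if not session.authenticated:
        raise AuthError("login required")
    return STORED_CREDENTIALS


REQUIRED_ROLE = "credential.read"  # assumed role name for the example


def credentials_handler_fixed(session: Session) -> dict:
    if not session.authenticated:
        raise AuthError("login required")
    # Authorization: deny by default, allow only the explicit role.
    if REQUIRED_ROLE not in session.roles:
        raise Forbidden(f"{session.username} lacks {REQUIRED_ROLE}")
    return STORED_CREDENTIALS


def outcome(handler, session: Session) -> str:
    """Label the handler's result so the two variants can be compared."""
    try:
        handler(session)
        return "disclosed"
    except AuthError:
        return "unauthenticated"
    except Forbidden:
        return "forbidden"


if __name__ == "__main__":
    guest = Session("guest", authenticated=True)
    admin = Session("admin", frozenset({REQUIRED_ROLE}), authenticated=True)
    for name, handler in (("vulnerable", credentials_handler_vulnerable),
                          ("fixed", credentials_handler_fixed)):
        print(name, "guest ->", outcome(handler, guest),
              "| admin ->", outcome(handler, admin))
```

The point the comparison makes is that "requires authentication" in the CVSS vector is a weak barrier when an account exists by default: the fix is a per-action authorization check, not a stronger login prompt.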
Potential Impact
The primary impact of CVE-2024-12553 is the unauthorized disclosure of sensitive information, particularly stored credentials, which can lead to further system compromise. Organizations using GeoVision GV-ASManager 6.1.0 may face increased risk of lateral movement or privilege escalation within their environments if attackers exploit this vulnerability. Although the vulnerability does not directly affect system integrity or availability, the confidentiality breach can undermine trust and security posture, especially in environments relying on GV-ASManager for access control or surveillance management. The use of default guest credentials exacerbates the risk, as attackers can gain initial access with minimal effort. This threat is particularly concerning for organizations with critical physical security infrastructure managed by GV-ASManager, as compromise could lead to unauthorized physical access or surveillance manipulation. The absence of known exploits in the wild currently limits immediate widespread impact, but the vulnerability remains a significant risk if left unmitigated.
Mitigation Recommendations
1. Immediately audit and disable or change all default guest and weak credentials on GV-ASManager installations to strong, unique passwords.
2. Implement strict access controls and role-based permissions within GV-ASManager to limit user privileges and reduce the risk of unauthorized access.
3. Restrict network access to the GV-ASWeb service to trusted IP addresses or via VPN to minimize exposure to potential attackers.
4. Monitor authentication logs and access patterns for unusual or unauthorized login attempts, especially those involving guest accounts.
5. If possible, isolate the GV-ASManager system from the internet or untrusted networks to reduce attack surface.
6. Engage with GeoVision support or monitor official channels for patches or updates addressing this vulnerability and apply them promptly once available.
7. Conduct regular security assessments and penetration tests focusing on authentication and authorization mechanisms within GV-ASManager.
8. Educate system administrators and security teams about the risks of default credentials and missing authorization controls to improve operational security practices.
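Recommendations 3 and 4 together, as an added example that is not part of the advisory: a small log review that counts guest-account logins per source address and flags successful logins from outside a trusted network. The log line format, the trusted network range and the sample lines are all constructed for this example; the real GV-ASWeb log layout is not described on this page, so the regular expression would need to be adapted.

```python
"""Review authentication log lines for guest-account activity and for
successful logins from untrusted sources. The log format, the
allow-listed network and the sample lines are assumptions made for
this example and do not reflect GV-ASWeb's real output."""
import ipaddress
import re
from collections import Counter

# Assumed management network; replace with the site's own allow-list.
TRUSTED_NETS = [ipaddress.ip_network("10.10.0.0/16")]
# Default account named in the advisory; add others as needed.
WATCHED_ACCOUNTS = {"guest"}

# Assumed line layout: "<timestamp> login <success|failure> user=<name> src=<ip>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) login (?P<result>success|failure) "
    r"user=(?P<user>\S+) src=(?P<src>\S+)$"
)

# Constructed sample input.
SAMPLE_LOG = """\
2026-01-01T08:40:01Z login success user=admin src=10.10.3.7
2026-01-01T08:41:15Z login success user=guest src=10.10.3.9
2026-01-01T08:42:02Z login failure user=guest src=198.51.100.23
2026-01-01T08:42:05Z login success user=guest src=198.51.100.23
2026-01-01T08:43:30Z login success user=operator src=10.10.3.7
this line is not an auth event and is skipped
"""


def parse(line: str):
    """Return the event fields for one line, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None


def is_trusted(src: str) -> bool:
    """True when src is a valid address inside an allow-listed network."""
    try:
        ip = ipaddress.ip_address(src)
    except ValueError:
        return False
    return any(ip in net for net in TRUSTED_NETS)


def analyse(log_text: str) -> dict:
    """Summarise watched-account logins per source and untrusted successes."""
    watched_by_src = Counter()
    untrusted_success = []
    for line in log_text.splitlines():
        ev = parse(line)
        if ev is None:
            continue
        if ev["user"] in WATCHED_ACCOUNTS:
            watched_by_src[ev["src"]] += 1
        if ev["result"] == "success" and not is_trusted(ev["src"]):
            untrusted_success.append((ev["ts"], ev["user"], ev["src"]))
    return {
        "watched_by_src": dict(watched_by_src),
        "untrusted_success": untrusted_success,
    }


if __name__ == "__main__":
    result = analyse(SAMPLE_LOG)
    for src, n in result["watched_by_src"].items():
        print(f"guest-account attempts from {src}: {n}")
    for ts, user, src in result["untrusted_success"]:
        print(f"ALERT {ts}: {user} logged in from untrusted {src}")
```

Any guest-account login at all is worth a ticket once recommendation 1 has been applied, since the account should then be disabled; a success from outside the allow-list is the combination of findings that most directly matches the exposure described in this advisory.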
Affected Countries
United States, Taiwan, China, Germany, United Kingdom, Japan, South Korea, France, Canada, Australia
Technical Details
- Data Version: 5.1
- Assigner Short Name: zdi
- Date Reserved: 2024-12-11T21:53:45.864Z
- CVSS Version: 3.0
- State: PUBLISHED
Threat ID: 699f6e41b7ef31ef0b59bca5
Added to database: 2/25/2026, 9:48:49 PM
Last enriched: 2/26/2026, 3:44:40 AM
Last updated: 2/26/2026, 8:47:23 AM