CVE-2026-1241 identifies a critical authentication bypass vulnerability in the Pelco Sarix Professional IMP 3 Series IP cameras. The root cause is inadequate enforcement of access controls within the web management interface, which allows attackers to bypass authentication mechanisms entirely. This vulnerability is categorized under CWE-288, indicating an authentication bypass via an alternate path or channel. The flaw enables unauthenticated remote attackers to access sensitive camera functionalities, including live video streams, without any credentials or user interaction. The CVSS v4.0 score of 8.7 reflects the vulnerability's network attack vector, low attack complexity, and no required privileges or user interaction, combined with a high impact on confidentiality. The vulnerability does not affect integrity or availability directly but compromises confidentiality by exposing live video feeds. No patches or known exploits have been reported yet, but the potential for privacy violations and operational disruptions is significant. The cameras are commonly deployed in security-sensitive environments such as corporate, government, and critical infrastructure sectors, increasing the threat's severity. The lack of authentication enforcement could also lead to regulatory compliance issues, especially in jurisdictions with strict data protection laws.

The primary impact of CVE-2026-1241 is unauthorized access to live video streams, which can lead to severe privacy breaches and operational security risks. Organizations relying on these cameras for surveillance may have their security posture compromised, as attackers can monitor sensitive areas without detection. This exposure could facilitate further targeted attacks or espionage. Additionally, unauthorized video access may violate data protection regulations such as GDPR, HIPAA, or other regional privacy laws, resulting in legal and financial penalties. The vulnerability could undermine trust in physical security systems and necessitate costly incident response and remediation efforts. Since the cameras are often integrated into broader security and monitoring infrastructures, exploitation could have cascading effects on organizational security. The absence of required authentication and user interaction makes exploitation straightforward, increasing the likelihood of attacks once exploit code becomes available.

Until an official patch is released by Pelco, organizations should implement compensating controls to mitigate the risk. These include isolating the affected cameras on segmented, trusted networks with strict firewall rules to restrict access to authorized personnel only. Employ VPNs or secure tunnels for remote management access to prevent unauthorized external connections. Regularly audit and monitor network traffic to detect anomalous access attempts to the cameras' web interfaces. Disable any unnecessary services or features on the cameras that could be exploited. Enforce strong physical security controls to prevent direct access to the devices. Organizations should also engage with Pelco support to obtain timelines for patches and apply updates promptly once available. Additionally, consider deploying network intrusion detection systems (NIDS) tuned to detect suspicious activity targeting these devices. Document and review compliance requirements to prepare for potential regulatory reporting obligations.