
CVE-2026-1241: CWE-288 Authentication Bypass Using an Alternate Path or Channel in Pelco, Inc. Sarix Professional IMP 3 Series

Severity: High
Type: Vulnerability
Tags: CVE-2026-1241, cve, cve-2026-1241, cwe-288
Published: Thu Feb 26 2026 (02/26/2026, 19:21:26 UTC)
Source: CVE Database V5
Vendor/Project: Pelco, Inc.
Product: Sarix Professional IMP 3 Series

Description

The Pelco, Inc. Sarix Professional 3 Series Cameras are vulnerable to an authentication bypass issue in their web management interface. The flaw stems from inadequate enforcement of access controls, allowing certain functionality to be accessed without proper authentication. This weakness can lead to unauthorized viewing of live video streams, creating privacy concerns and operational risks for organizations relying on these cameras. Additionally, it may expose operators to regulatory and compliance challenges.

AI-Powered Analysis

Machine-generated threat intelligence

Last updated: 03/05/2026, 21:22:03 UTC

Technical Analysis

CVE-2026-1241 identifies a critical authentication bypass vulnerability in the Pelco Sarix Professional IMP 3 Series cameras' web management interface. The root cause is inadequate enforcement of access controls, allowing attackers to bypass authentication mechanisms and access certain camera functions directly. This vulnerability is categorized under CWE-288, which involves authentication bypass using alternate paths or channels. Exploitation requires no privileges, no user interaction, and can be performed remotely over the network, making it highly accessible to attackers. The primary risk is unauthorized access to live video streams, which compromises confidentiality and privacy. This can lead to exposure of sensitive surveillance footage, undermining operational security and potentially violating privacy regulations. The vulnerability does not affect system integrity or availability directly but poses significant risks due to unauthorized data disclosure. No patches or fixes are currently available, and no known exploits have been reported in the wild. The CVSS 4.0 vector indicates network attack vector (AV:N), low attack complexity (AC:L), no attack requirements (AT:N), no user interaction (UI:N), and high impact on confidentiality (VC:H) with no impact on integrity or availability. The vulnerability affects all versions of the Sarix Professional IMP 3 Series cameras as indicated. Given the nature of the product, which is used widely in security and surveillance, the vulnerability presents a substantial threat to organizations relying on these devices for monitoring and security enforcement.

Potential Impact

The primary impact of CVE-2026-1241 is unauthorized access to live video streams from affected Pelco cameras, leading to significant confidentiality breaches. Organizations using these cameras for security monitoring may have sensitive areas exposed to unauthorized viewers, increasing risks of espionage, privacy violations, and operational disruption. This can also lead to regulatory non-compliance, especially in sectors with strict data protection laws such as healthcare, finance, and government. The exposure of surveillance footage can undermine trust in security infrastructure and potentially facilitate further attacks by revealing operational details. Although the vulnerability does not directly affect system integrity or availability, the loss of confidentiality alone can have severe consequences. The ease of exploitation and remote accessibility increase the likelihood of attacks, especially in environments where camera management interfaces are exposed or poorly segmented. The absence of known exploits in the wild currently limits immediate widespread impact, but the vulnerability remains a critical risk until mitigated or patched.

Mitigation Recommendations

1. Immediately restrict network access to the web management interface of Sarix Professional IMP 3 Series cameras by placing them behind firewalls and limiting access to trusted IP addresses only.
2. Implement strict network segmentation to isolate camera management networks from general corporate or public networks.
3. Use VPNs or secure tunnels for remote access to camera interfaces to ensure authentication and encryption.
4. Monitor network traffic and access logs for unusual or unauthorized access attempts to the cameras.
5. Disable any unnecessary services or features on the cameras that could be exploited as alternate access paths.
6. Engage with Pelco, Inc. for official patches or firmware updates addressing this vulnerability and apply them promptly once available.
7. Conduct regular security assessments and penetration testing on surveillance infrastructure to detect similar weaknesses.
8. Educate security and IT staff about the risks of exposing camera management interfaces and enforce strict access control policies.
9. Consider deploying additional security controls such as multi-factor authentication if supported by the camera system.
10. Maintain an incident response plan specific to surveillance system breaches to quickly address potential exploitation.


Technical Details

Data Version: 5.2
Assigner Short Name: icscert
Date Reserved: 2026-01-20T18:26:34.854Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 69a0a61285912abc71d87500

Added to database: 2/26/2026, 7:59:14 PM

Last enriched: 3/5/2026, 9:22:03 PM

Last updated: 4/13/2026, 7:13:02 AM
