CVE-2026-12847: CWE-121 Stack-based buffer overflow in GeoVision Inc. GV-I/O Box 4E
CVE-2026-12847 is a critical stack-based buffer overflow vulnerability in GeoVision Inc.'s GV-I/O Box 4E smart embedded device. The vulnerability exists in the DVRSearch service, which listens for UDP messages on port 10001. An attacker on the network can send crafted UDP messages that trigger a stack overflow by copying the gateway field into a fixed-size buffer without proper bounds checking. This can lead to complete compromise of confidentiality, integrity, and availability of the device.
AI Analysis
Technical Summary
The GV-I/O Box 4E device runs a DVRSearch service that accepts UDP messages on port 10001. The service reads up to 1460 bytes into a local buffer and stores a pointer to it globally. A stack-based buffer overflow occurs when the gateway field from the network configuration is copied into a fixed offset in the reply buffer without validating its length. This vulnerability (CWE-121) allows an unauthenticated network attacker to execute arbitrary code or cause denial of service. The affected version is 2.09. No official patch or remediation has been disclosed yet.
Potential Impact
Successful exploitation of this vulnerability can lead to remote code execution, complete system compromise, and denial of service on the GV-I/O Box 4E device. The CVSS 3.1 base score is 10.0 (critical), reflecting network attack vector, no required privileges or user interaction, and full impact on confidentiality, integrity, and availability.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, restrict network access to the device, especially blocking UDP port 10001 from untrusted sources, to reduce exposure.
CVE-2026-12847: CWE-121 Stack-based buffer overflow in GeoVision Inc. GV-I/O Box 4E
Description
CVE-2026-12847 is a critical stack-based buffer overflow vulnerability in GeoVision Inc.'s GV-I/O Box 4E smart embedded device. The vulnerability exists in the DVRSearch service, which listens for UDP messages on port 10001. An attacker on the network can send crafted UDP messages that trigger a stack overflow by copying the gateway field into a fixed-size buffer without proper bounds checking. This can lead to complete compromise of confidentiality, integrity, and availability of the device.
CVSS v3.1
Score 10.0critical
Affected software
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The GV-I/O Box 4E device runs a DVRSearch service that accepts UDP messages on port 10001. The service reads up to 1460 bytes into a local buffer and stores a pointer to it globally. A stack-based buffer overflow occurs when the gateway field from the network configuration is copied into a fixed offset in the reply buffer without validating its length. This vulnerability (CWE-121) allows an unauthenticated network attacker to execute arbitrary code or cause denial of service. The affected version is 2.09. No official patch or remediation has been disclosed yet.
Potential Impact
Successful exploitation of this vulnerability can lead to remote code execution, complete system compromise, and denial of service on the GV-I/O Box 4E device. The CVSS 3.1 base score is 10.0 (critical), reflecting network attack vector, no required privileges or user interaction, and full impact on confidentiality, integrity, and availability.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, restrict network access to the device, especially blocking UDP port 10001 from untrusted sources, to reduce exposure.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GV
- Date Reserved
- 2026-06-22T00:26:55.874Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a3b667deed863c81e4ac19e
Added to database: 06/24/2026, 05:09:17 UTC
Last enriched: 06/24/2026, 05:24:22 UTC
Last updated: 06/24/2026, 05:29:07 UTC
Views: 3
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.