PatchSiren cyber security CVE debrief
CVE-2026-1241 Unknown Vendor CVE debrief
CVE-2026-1241 affects Pelco, Inc. Sarix Professional 3 Series cameras and is described by CISA as an authentication bypass in the web management interface. Because access controls are not enforced correctly, certain functionality may be reachable without proper authentication, including unauthorized viewing of live video streams. The advisory rates the issue CVSS 3.1 7.5 (HIGH) and recommends updating affected cameras to firmware 02.53 or later.
- Vendor: Unknown Vendor
- Product: Pelco, Inc. Sarix Professional IMP 3 Series <=02.52, Sarix Professional IXP 3 Series, Sarix Professional IBP 3 Series, Sarix Professional IWP 3 Series
- CVSS: HIGH 7.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-02-26
- Original CVE updated: 2026-02-26
- Advisory published: 2026-02-26
- Advisory updated: 2026-02-26
Who should care
Organizations operating Pelco Sarix Professional IMP/IXP/IBP/IWP 3 Series cameras, especially security operations teams, physical security administrators, OT/ICS defenders, and privacy/compliance stakeholders responsible for camera deployments.
Technical summary
The advisory describes a network-reachable authentication bypass in the camera web management interface, aligned with an access-control weakness (CWE-288). The supplied CVSS vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N, indicating unauthenticated network access with a high confidentiality impact. CISA states the flaw can allow unauthorized access to live video streams. Pelco’s remediation is firmware version 02.53 or later for the affected Sarix Professional 3 Series products.
Defensive priority
High priority for any exposed or business-critical deployment. Because the issue allows unauthenticated access and can reveal live video, patch affected cameras promptly and treat internet-facing or broadly reachable management interfaces as urgent.
Recommended defensive actions
- Upgrade affected Sarix Professional 3 Series cameras to firmware 02.53 or later as recommended by Pelco.
- Inventory all impacted models and confirm coverage for the Sarix Professional IMP 3, IXP 3, IBP 3, and IWP 3 series listed in the advisory.
- Restrict access to camera management interfaces to trusted administration networks or VPNs; do not expose them directly to the internet.
- Review device and network logs for unexpected access to camera web interfaces or live video functions.
- Apply CISA ICS recommended practices and defense-in-depth controls, including segmentation and monitoring, for camera and related security devices.
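The inventory and prioritization steps above can be scripted. The following Python is an added example, not code from CISA, Pelco or this page. It assumes a CSV export whose column names, model strings and `mgmt_reachable_from` values are hypothetical, that the family code (IMP/IXP/IBP/IWP) prefixes the model field, and that any firmware below 02.53 in those families needs the update.

```python
import csv
import io

FIXED = (2, 53)  # first fixed firmware per the advisory: 02.53
FAMILIES = ("IMP", "IXP", "IBP", "IWP")  # families named in the advisory

# Constructed sample inventory; names, model strings and zones are placeholders.
SAMPLE = """name,model,firmware,mgmt_reachable_from
lobby-1,IMP-EXAMPLE-1,02.52,internet
dock-2,IXP-EXAMPLE-2,02.53,admin-vlan
gate-3,IBP-EXAMPLE-3,2.49.1,corp-lan
roof-4,IWP-EXAMPLE-4,unknown,admin-vlan
hall-5,OTHER-EXAMPLE-5,01.10,internet
"""

def parse_fw(text):
    """Return (major, minor), or None if the string is not dotted digits."""
    parts = text.strip().split(".")
    if len(parts) < 2 or not all(p.isdecimal() for p in parts):
        return None
    return int(parts[0]), int(parts[1])

def triage(rows):
    """Yield (name, status) for every camera in an affected family."""
    for row in rows:
        if not row["model"].upper().startswith(FAMILIES):
            continue  # assumption: family code prefixes the model field
        fw = parse_fw(row["firmware"])
        if fw is None:
            status = "VERIFY"   # version unreadable: confirm on the device
        elif fw >= FIXED:
            status = "FIXED"
        elif row["mgmt_reachable_from"] == "internet":
            status = "URGENT"   # unpatched and directly exposed
        else:
            status = "PATCH"    # unpatched, reachable only internally
        yield row["name"], status

def triage_csv(text):
    """Parse inventory CSV text and return {camera name: status}."""
    return dict(triage(csv.DictReader(io.StringIO(text))))

if __name__ == "__main__":
    for name, status in triage_csv(SAMPLE).items():
        print(f"{status:7} {name}")
```

Cameras marked VERIFY are not assumed safe; an unreadable version string is treated as a gap in the inventory to close by checking the device directly.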
Evidence notes
The source corpus is the CISA CSAF advisory ICSA-26-057-02, published 2026-02-26, which identifies CVE-2026-1241 as an authentication bypass in Pelco Sarix Professional 3 Series camera web management interfaces. The advisory states that inadequate access control enforcement may permit unauthorized viewing of live video streams. It assigns CVSS 3.1 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) and recommends upgrading firmware to 02.53 or later. No CISA KEV entry is supplied in the provided data.
Official resources
- CVE-2026-1241 CVE record (CVE.org)
- CVE-2026-1241 NVD detail (NVD)
- Source item URL (cisa_csaf)
Publicly disclosed by CISA on 2026-02-26 in ICSA-26-057-02; no CISA KEV entry is included in the supplied data.