GeoVision GV Edge Recording Manager Privilege Escalation Vulnerability Allowing Full System Control

A local privilege escalation vulnerability has been identified in GeoVision GV Edge Recording Manager (ERM) version 2.3.1. The issue arises because the application improperly executes components with SYSTEM-level privileges. This flaw enables any local user to gain complete control over the operating system. During installation, ERM establishes a Windows service that operates under the LocalSystem account. Consequently, when the application is launched, associated processes inherit SYSTEM privileges instead of the security context of the logged-in user. Features like 'Import Data' trigger a Windows file dialog that operates with SYSTEM permissions, potentially allowing users to modify or delete protected system files and directories. This risk extends to any ERM function that invokes Windows file open or save dialogs. The vulnerability could lead to a full system compromise.

Impact

Exploitation of this vulnerability allows local users to escalate privileges to the SYSTEM level, potentially leading to a complete compromise of the operating system.