GV-Edge Recording Manager Privilege Escalation

CVE Category Price Severity
CVE-2023-23059 CWE-269 $5,000 - $25,000 High
Author Risk Exploitation Type Date
N/A High Local 2023-05-08

CVSS vector description

Our sensors found this exploit at:

Below is a copy:

GV-Edge Recording Manager Privilege Escalation
# Exploit Title: GV-Edge Recording Manager - Privilege Escalation due Incorrect Default Permissions
# Date: 2023-05-04
# Exploit Author: Andrea Intilangelo
# Vendor Homepage: -
# Software Link:
# Version: / Installer version:
# Tested on: Windows 10 Pro 22H2 x64
# CVE: CVE-2023-23059 / Vendor Advisory ID: GV-ERM-2023-05 / Article ID: GV4-23-05-03

An issue was discovered in GeoVision GV-Edge Recording Manager for Windows (Installer version:,
which contains improper permissions within the default installation and allows attackers to execute arbitrary code and
gain escalated privileges.

Vendor security advisory: Security_Advistory_ERM-2023-05.pdf


2023-01-02: Vulnerability discovered, vendor contacted
2023-01-03: Vendor replies, request for CVE reservation, acknowledgments and coordinating for advisory,
2023-01-04: Vendor assigned case S-202301030001, request for internal support and fix,
2023-04-25: Assigned CVE number: CVE-2023-23059, notified Vendor for coordinated disclosure,
2023-05-03: Vendor Security Advisory publication on
2023-05-04: CVE publication / disclosure.

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.