BACK TO NEWS
CERT Advisories

Critical Authentication Bypass Flaw in Pelco Sarix Pro 3 IP Cameras (CVE Pending)

2 min readSource: INCIBE-CERT

Pelco Sarix Pro 3 IP cameras contain an authentication bypass vulnerability, allowing unauthorized access. Security professionals should apply mitigations immediately.

Authentication Bypass Vulnerability Discovered in Pelco Sarix Pro 3 IP Cameras

Spain’s INCIBE-CERT has issued an urgent security advisory regarding an authentication bypass vulnerability in Pelco Sarix Pro 3 Series IP cameras. The flaw, which remains unpatched as of February 27, 2026, enables threat actors to bypass authentication mechanisms and gain unauthorized access to camera feeds and configurations.

Technical Details

While specific technical details remain limited pending a CVE assignment, the vulnerability is classified as an authentication bypass issue. Such flaws typically stem from:

  • Improper session management
  • Weak or missing access controls
  • Hardcoded credentials or flawed authentication logic

The Sarix Pro 3 Series, designed for enterprise surveillance, is widely deployed in critical infrastructure, corporate environments, and public safety applications. Unauthorized access to these devices could lead to privacy violations, surveillance disruption, or lateral movement within networks.

Impact Analysis

The vulnerability poses severe risks to organizations relying on Pelco Sarix Pro 3 cameras, including:

  • Unauthorized surveillance access: Attackers could view or exfiltrate live or recorded footage.
  • Network infiltration: Compromised cameras may serve as entry points for deeper network penetration.
  • Compliance violations: Unauthorized access could breach data protection regulations (e.g., GDPR, HIPAA).
  • Physical security risks: Adversaries could manipulate camera feeds to obscure malicious activities.

INCIBE-CERT has not disclosed whether the flaw is actively exploited in the wild, but the low attack complexity suggests it could be weaponized quickly.

Recommendations for Security Teams

Until Pelco releases a firmware update, INCIBE-CERT recommends the following mitigations:

  1. Network Segmentation: Isolate IP cameras on a dedicated VLAN to limit lateral movement.
  2. Access Controls: Restrict camera access to authorized IPs via firewalls or network ACLs.
  3. Monitoring: Deploy intrusion detection systems (IDS) to detect anomalous traffic to/from cameras.
  4. Disable Unnecessary Services: Disable remote access or UPnP if not required.
  5. Vendor Communication: Contact Pelco support for patch timelines and workarounds.

Security professionals should monitor INCIBE-CERT and Pelco advisories for updates, including a formal CVE assignment and patch availability. Organizations using affected models are urged to prioritize mitigations to reduce exposure.

Original advisory: INCIBE-CERT

Share

TwitterLinkedIn