# Exploit Title: GeoVision ASManager Windows Application 6.1.2.0 - Credentials Disclosure # Date: 19-MAR-2025 # Exploit Author: Giorgi Dograshvili [DRAGOWN] # Vendor Homepage: https://www.geovision.com.tw/ # Software Link: https://www.geovision.com.tw/download/product/ # Version: 6.1.2.0 or less # Tested on: Windows 10 | Kali Linux # CVE : CVE-2025-26263 # PoC: https://github.com/DRAGOWN/CVE-2025-26263 GeoVision ASManager Windows desktop application with the version 6.1.2.0 or less, is vulnerable to credentials disclosure due to improper memory handling in the ASManagerService.exe process. Requirements To perform successful attack an attacker requires: - System level access to the GV-ASManager windows desktop application with the version 6.1.2.0 or less; - A high privilege account to dump the memory. Impact The vulnerability can be leveraged to perform the following unauthorized actions: - An attacker with high privilege system user, who isn't authorized to access GeoVision ASManager, is able to: -- Dump ASManager accounts credentials; -- Authenticate in ASManager. - After the authenticating in ASManager, an attacker will be able to: -- Access the resources such as monitoring cameras, access cards, parking cars, employees and visitors, etc. -- Make changes in data and service network configurations such as employees, access card security information, IP addresses and configurations, etc. -- Disrupt and disconnect services such as monitoring cameras, access controls. -- Clone and duplicate access control data for further attack scenarios. PoC The steps for a successful exploitation are described in the following GitHub article with screenshots: - https://github.com/DRAGOWN/CVE-2025-26263 After a successful attack, you will get administrative access to: - ASManager - Access & Security Management software in OS - ASWeb - Access & Security Management - TAWeb - Time and Attendance Management - VMWeb - Visitor Management