Description
An ACAP configuration file lacked sufficient input validation, which could allow a path traversal attack leading to potential privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.
Published: 2026-05-12
Score: 6.7 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An ACAP configuration file in Axis OS lacks sufficient input validation, enabling a path traversal attack that can lead to privilege escalation. The flaw requires that the device is configured to permit installation of unsigned ACAP applications and that an attacker can persuade a user to install a malicious ACAP package. Successful exploitation could allow the attacker to gain elevated privileges on the system, compromising device integrity and confidentiality.

Affected Systems

Axis Communications AB’s AXIS OS is affected. Specific version information was not disclosed; all AXIS OS installations that allow unsigned ACAP installation are at risk.

Risk and Exploitability

The CVSS score of 6.7 indicates a medium severity vulnerability. The EPSS score is not available, and the flaw is not listed in the CISA KEV catalog. Exploitability is limited because it depends on a permissive unsigned-ACAP installation setting and a social engineering step to convince a user to install a malicious ACAP. These prerequisites reduce the likelihood of widespread exploitation, but the potential impact remains significant given the ability to gain elevated privileges.

Generated by OpenCVE AI on May 12, 2026 at 07:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Configure AXIS OS to disallow installation of unsigned ACAP applications.
  • Enforce that only digitally signed ACAP packages are accepted, using the device’s signature verification settings.
  • Apply any vendor-supplied patch or update that corrects the input validation flaw in the ACAP configuration file as soon as it becomes available.

Advisories

No advisories yet.

History

Tue, 19 May 2026 16:15:00 +0000

Type                | Values Removed | Values Added
First Time appeared |                | Axis; Axis axis Os
CPEs                |                | cpe:2.3:o:axis:axis_os:*:*:*:*:active:*:*:*
Vendors & Products  |                | Axis; Axis axis Os

Tue, 12 May 2026 14:15:00 +0000

Type    | Values Removed | Values Added
Metrics |                | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 12 May 2026 07:45:00 +0000

Type                | Values Removed | Values Added
Title               |                | Axis OS Path Traversal via Unsigned ACAP Installation Exploits Privileged Access
First Time appeared |                | Axis Communications Ab; Axis Communications Ab axis Os
Vendors & Products  |                | Axis Communications Ab; Axis Communications Ab axis Os

Tue, 12 May 2026 06:30:00 +0000

Type        | Values Removed | Values Added
Description |                | An ACAP configuration file lacked sufficient input validation, which could allow a path traversal attack leading to potential privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.
Weaknesses  |                | CWE-35
References  |                |
Metrics     |                | cvssV3_1: {'score': 6.7, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: Axis

Published:

Updated: 2026-05-13T03:57:49.905Z

Reserved: 2026-01-09T10:09:32.518Z

Link: CVE-2026-0804

Vulnrichment

Updated: 2026-05-12T13:07:18.820Z

NVD

Status : Analyzed

Published: 2026-05-12T07:16:09.597

Modified: 2026-05-19T16:06:01.233

Link: CVE-2026-0804

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-12T07:30:10Z

Weaknesses