Pelco, Inc. Sarix Pro 3 Series IP Cameras
Plan Patch | 7.5 | ICS-CERT ICSA-26-057-02 | Feb 26, 2026
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
Pelco Sarix Professional 3 Series IP cameras (IMP, IXP, IBP, IWP models) up to firmware version 02.52 contain an authentication bypass vulnerability (CWE-288) that allows unauthenticated attackers to read sensitive device data and video streams. Successful exploitation could expose facility layouts, personnel, and operations, enabling physical security bypass or surveillance circumvention. The vulnerability requires only network access with no user interaction needed.
What this means
What could happen
An attacker could read sensitive video and configuration data from the camera without authentication, potentially exposing facility layouts, personnel, and operations. This could enable physical security bypass or surveillance circumvention at critical infrastructure sites.
Who's at risk
Water utilities, electric utilities, and other critical infrastructure operators who use Pelco Sarix Professional 3 Series IP cameras (IMP, IXP, IBP, IWP models) for perimeter surveillance, facility monitoring, or access control recording. This affects any organization relying on these cameras for security monitoring or regulatory compliance documentation.
How it could be exploited
An attacker on the network sends unauthenticated requests to the camera's management interface to access video streams, recordings, or configuration data. No valid credentials or user interaction is needed; the attacker only needs network access to the camera's IP address and port.
Prerequisites
- Network access to the camera on its management port (typically port 80 or 443)
- Camera firmware version 02.52 or earlier
Remotely exploitable | No authentication required | Low complexity attack | Affects security systems (surveillance) | High-value target for reconnaissance
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (4)
4 with fix
Product | Affected Versions | Fix Status
Sarix Professional IWP 3 Series | ≤ 02.52 | 02.53 or later
Sarix Professional IMP 3 Series | ≤ 02.52 | 02.53 or later
Sarix Professional IXP 3 Series | ≤ 02.52 | 02.53 or later
Sarix Professional IBP 3 Series | ≤ 02.52 | 02.53 or later
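To scope the firmware update, an asset inventory can be checked against the affected models and versions listed above. The Python script below is an added example, not part of the advisory or of Pelco's tooling; the CSV column names, the sample hosts and model numbers, and matching on the IMP/IXP/IBP/IWP model-number prefix are assumptions.

```python
import csv
import io
import re

AFFECTED_PREFIXES = ("IMP", "IXP", "IBP", "IWP")  # model families named in the advisory
FIXED_IN = (2, 53)                                # first fixed firmware: 02.53

# Constructed sample inventory; hosts, model numbers and column names are assumptions.
SAMPLE_INVENTORY = """host,model,firmware
10.20.0.11,IMP231-1ERS,02.52
10.20.0.12,IXP23,02.53
10.20.0.13,IBP231-1ER,2.52
10.20.0.14,IWP232-1ERS,
10.20.0.15,OTHER-CAM-1,01.00
"""

def parse_firmware(text):
    """Return (major, minor) from strings like '02.52', or None if unparseable."""
    m = re.fullmatch(r"\s*(\d+)\.(\d+)(?:\.\d+)*\s*", text or "")
    return (int(m.group(1)), int(m.group(2))) if m else None

def triage(row):
    """Classify one inventory row: out_of_scope, vulnerable, fixed or unknown."""
    model = (row.get("model") or "").strip().upper()
    if not model.startswith(AFFECTED_PREFIXES):
        return "out_of_scope"
    version = parse_firmware(row.get("firmware"))
    if version is None:
        return "unknown"  # no usable version recorded: verify on the device itself
    # Numeric comparison, so an unpadded '2.52' is not mistaken for newer than '02.53'.
    return "vulnerable" if version < FIXED_IN else "fixed"

def triage_inventory(csv_text):
    """Map host -> status for every row of a CSV inventory."""
    return {r["host"]: triage(r) for r in csv.DictReader(io.StringIO(csv_text))}

if __name__ == "__main__":
    for host, status in triage_inventory(SAMPLE_INVENTORY).items():
        print(f"{host}\t{status}")
```

Rows reported as unknown should be treated as unpatched until the firmware version is confirmed on the camera.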
Remediation & Mitigation
Do now
WORKAROUND: Restrict network access to camera management interfaces using firewall rules; allow access only from authorized engineering workstations and monitoring systems on a separate VLAN
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HOTFIX: Update Sarix Professional 3 Series camera firmware to version 02.53 or later
Long-term hardening
HARDENING: Segment surveillance cameras onto a dedicated network isolated from process control systems and corporate IT networks
CVEs (1)