CVE-2026-0541

6.7 MEDIUM

ACAP applications can gain elevated privileges due to improper input validation during the installation process, potentially leading to p...

Published: 2026-05-12 · Last updated: 2026-05-19

Severity and scoring

CVSS: 6.7 MEDIUM
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-732

Affected products

Vendor	Product
axis	axis_os

Description

ACAP applications can gain elevated privileges due to improper input validation during the installation process, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-0541
[Vendor advisory]https://www.axis.com/dam/public/fa/50/c7/cve-2026-0541pdf-en-US-530730.pdf

Related CVEs

Same vendor

CVE-2026-1185 — A configuration file on the local file system had improper input validation which could allow code execution and potentially lead to priv... (5.4 MEDIUM)
CVE-2026-0804 — An ACAP configuration file lacked sufficient input validation, which could allow a path traversal attack leading to potential privilege e... (6.7 MEDIUM)
CVE-2026-0802 — An ACAP configuration file lacked sufficient input validation, which could allow command injection and potentially lead to privilege esca... (6.0 MEDIUM)

Same CWE

CVE-2026-53856 — OpenClaw before 2026.4.24 contains an insecure file permissions vulnerability in config recovery that restores OpenClaw.json with overly ... (5.5 MEDIUM)
CVE-2026-0271 — A privilege escalation (PE) vulnerability in the Palo Alto Networks Prisma Access Agent app on Linux devices enables a local user to exec...
CVE-2026-50570 — Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes (8.5 HIGH)
CVE-2026-26422 — clash-verge-service-ipc before 2.3.0 has a world-reachable IPC endpoint, leading to local privilege escalation (8.4 HIGH)
CVE-2026-50590 — In Mimecast Incydr before 2.6.0, arbitrary file access can occur (4.5 MEDIUM)