⚠️ CISA Known Exploited Vulnerability
Active ThreatThis vulnerability is listed in CISA's Known Exploited Vulnerabilities (KEV) catalog. Active exploitation has been observed in the wild. This poses significant risk to federal enterprises and should be prioritized for immediate patching.
CVE-2024-11120
Critical CISA KEVVulnerability Description
Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device. Moreover, this vulnerability has already been exploited by attackers, and we have received related reports.
CVSS Metrics
Common Vulnerability Scoring System
Vector String:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Known Affected Software
4 configuration(s) from 1 vendor(s)
cpe:2.3:o:geovision:gv-vs11_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:geovision:gv-dsp_lpr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:geovision:gvlx_4_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:geovision:gv-vs12_firmware:-:*:*:*:*:*:*:*
References & Resources
-
https://www.twcert.org.tw/en/cp-139-8237-26d7a-2.htmltwcert@cert.org.tw Third Party Advisory
-
https://www.twcert.org.tw/tw/cp-132-8236-d4836-1.htmltwcert@cert.org.tw Third Party Advisory
-
https://www.akamai.com/blog/security-research/active-exploitation-mirai-geovision-iot-botnet134c704f-9b21-4f2e-91b3-4a467353bcc0 Exploit Third Party Advisory
-
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-11120134c704f-9b21-4f2e-91b3-4a467353bcc0 US Government Resource
Severity Details
CISA KEV Status
Listed in CISA's Known Exploited Vulnerabilities catalog
Key Information
- Published Date
- November 15, 2024
