CVE-2024-11120

CRITICALCISA KEV

9.8

Description

Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device. Moreover, this vulnerability has already been exploited by attackers, and we have received related reports.

Details CVE

Score CVSS v3.19.8

SeveriteCRITICAL

Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vecteur d'attaqueNETWORK

ComplexiteLOW

Privileges requisNONE

Interaction utilisateurNONE

Publie11/15/2024

Derniere modification10/30/2025

Sourcekev

Observations honeypot0

CISA KEV

FournisseurGeoVision

ProduitMultiple Devices

Nom vulnerabiliteGeoVision Devices OS Command Injection Vulnerability

Date ajout KEV2025-05-07

Date limite remediation2025-05-28

Utilise dans ransomwareUnknown

Produits affectes

geovision:gv-dsp_lprgeovision:gv-dsp_lpr_firmwaregeovision:gv-vs11geovision:gv-vs11_firmwaregeovision:gv-vs12geovision:gv-vs12_firmwaregeovision:gvlx_4geovision:gvlx_4_firmware

Faiblesses (CWE)

CWE-78

References

https://www.twcert.org.tw/en/cp-139-8237-26d7a-2.html(twcert@cert.org.tw)

https://www.twcert.org.tw/tw/cp-132-8236-d4836-1.html(twcert@cert.org.tw)

https://www.akamai.com/blog/security-research/active-exploitation-mirai-geovision-iot-botnet(134c704f-9b21-4f2e-91b3-4a467353bcc0)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-11120(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.