Unwanted Network Commands Can Be Executed Without Authentication
CVE-2024-7029

9.8CRITICAL

Key Information:

Vendor
Avtech
Status
Avm1203 (ip Camera)
Vendor
CVE Published:
2 August 2024

Badges

πŸ“ˆ Score: 167πŸ’° RansomwareπŸ‘Ύ Exploit Exists🟑 Public PoC🟣 EPSS 28%πŸ“° News Worthy

Summary

A vulnerability exists that enables malicious actors to inject commands over a network, allowing execution without the need for authentication. This type of security flaw poses significant risks, as it can lead to unauthorized access and manipulation of system functions. Organizations utilizing the affected products should prioritize implementing necessary security measures to mitigate potential risks associated with this vulnerability.

Affected Version(s)

AVM1203 (IP Camera) 0

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

News Articles

End-of-life IP cams being used to spread new Mirai botnet

in brief A series of IP cameras still used all over the world, despite being well past their end of life, have been exploited to create a new Mirai botnet.Β  The vulnerability (CVSS 8.7, CVE-2024-7029) was...

4 months ago

Old CCTV cameras provide a fresh opportunity for a Mirai botnet variant

Researchers at Akamai say a zero-day vulnerability in AVTECH closed-circuit TV cameras is the latest example of how malicious hackers can exploit bugs in aging tech to propagate botnets.

5 months ago

Massive Mirai Botnet Exploited AVTECH Cameras Zero-Day

Researchers have discovered a Mirai botnet campaign exploiting a zero-day vulnerability (CVE-2024-7029) in AVTECH cameras.

5 months ago

References

EPSS Score

28% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • 🟑

    Public PoC available

  • πŸ’°

    Used in Ransomware

  • πŸ‘Ύ

    Exploit known to exist

  • πŸ“°

    First article discovered by Infosecurity Magazine

  • Vulnerability published

Credit

Larry Cashdollar of Akamai Technologies reported this vulnerability to CISA. An anonymous third-party organization confirmed Akamai's report and identified specific affected products and firmware versions.
.