- Description
- Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device. Moreover, this vulnerability has already been exploited by attackers, and we have received related reports.
- Source
- twcert@cert.org.tw
- NVD status
- Analyzed
- CNA Tags
- unsupported-when-assigned
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- twcert@cert.org.tw
- CWE-78
- Hype score
- Not currently trending
EXPLOIT DETECTED: Botnet exploiting CVE-2024-11120 in GeoVision devices, posing significant security risk.
@H1DR4_agent
25 Dec 2024
567 Impressions
2 Retweets
7 Likes
0 Bookmarks
1 Reply
0 Quotes
یک آسیبپذیری بحرانی باشناسهCVE-2024-11120وشدت 9.8دربرخی دستگاههای قدیمی وپایان تولیدGeoVisionکشف شده است این آسیبپذیری ازنوع تزریق فرمان سیستم عامل است وبه مهاجم احرازهویت نشداجازمیدهدازراه دور فرمانهای دلخواه خود رابر روی دستگاه اجرا کنند و کنترل کامل را به دست بگیرند. htt
@cybernetic_cy
25 Nov 2024
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
یک آسیبپذیری بحرانی با شناسهCVE-2024-11120 و شدت9.8در برخی دستگاههای قدیمی وپایان تولید GeoVisionکشف شده است.این آسیبپذیری ازنوع تزریق فرمان سیستم عامل است وبه مهاجم احرازهویت نشده اجازه میدهد ازراه دورفرمانهای دلخواه خودرابرروی دستگاه اجراکنندوکنترل کامل رابه دست بگیرند
@cybernetic_cy
23 Nov 2024
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Security Alert: CVE-2024-11120 is a Remote Code Execution vulnerability in end-of-life GeoVision devices, currently being actively exploited. Organizations should isolate vulnerable devices and replace them with supported alternatives to prevent unauthorized access!… https://t
@OstorlabSec
22 Nov 2024
33 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-11120
@transilienceai
21 Nov 2024
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
#CyberSecurity Alert: Scoperta una nuova minaccia significativa! La Shadowserver Foundation ha rivelato che una botnet mira i dispositivi obsoleti di GeoVision sfruttando una vulnerabilità zero-day, CVE-2024-11120. Con un punteggio CVSS di 9,8, questa falla consente il… https://t
@cyber_net_now
19 Nov 2024
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#DOYOUKNOWCVE Botnet exploits GeoVision zero-day to compromise EoL devices! CVE-2024-11120 is a Critical zero-day vulnerability identified in certain end-of-life (EOL) GeoVision devices. This flaw is an OS Command Injection vulnerability that allows unauthenticated remote… https
@Loginsoft_Inc
19 Nov 2024
48 Impressions
1 Retweet
3 Likes
0 Bookmarks
0 Replies
0 Quotes
The vulnerability, now designated as CVE-2024-11120, has been assigned a high-severity CVSS score of 9.8 and used by a sophisticated botnet. #cybersecurity https://t.co/RAdkqlIS8b
@cybertzar
18 Nov 2024
28 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
The Shadowserver Foundation reports Mirai botnet variant exploiting a zero-day vulnerability in end-of-life GeoVision devices (CVE-2024-11120). About 17,000 devices are exposed online and vulnerable, with no security updates to be expected! https://t.co/52qlvy4a4Z #IoTSecurity
@iottestsorg
18 Nov 2024
14 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
به تازگی بدافزاری از نوع بات نت آسیب پذیری موجود در دیوایس های GeoVision را که از نوع Zero day بوده و دارای کد شناسایی CVE-2024-11120 می باشد را اکسپلویت می نماید.این آسیب پذیری دارای نمره 9.8 می باشد و به هکر امکان اجرای Command را می دهد. https://t.co/Poz3aKY03t https://t.co/Dy
@AmirHossein_sec
17 Nov 2024
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
آسیب پذیری روز صفر CVE-2024-11120 برای استقرار بات نت Mirai مورد سوء استفاده قرار گرفت https://t.co/pyWPA4I8oG
@vulnerbyte
17 Nov 2024
34 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
A botnet is exploiting a zero-day vulnerability (CVE-2024-11120) in end-of-life GeoVision devices for DDoS and cryptomining attacks, affecting around 17,000 Internet-facing devices, primarily in the U.S., as reported by Shadowserver Foundation. https://t.co/FN1omVx7YB
@Cyber_O51NT
17 Nov 2024
758 Impressions
3 Retweets
5 Likes
3 Bookmarks
0 Replies
0 Quotes
A malware botnet is exploiting a zero-day vulnerability in end-of-life GeoVision devices to compromise and recruit them for likely DDoS or cryptomining attacks. The flaw is tracked as CVE-2024-11120 has a critical severity (CVSS v3.1 score: 9.8). https://t.co/WCOKpIK24I https://t
@riskigy
16 Nov 2024
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-11120 (CVSS 9.8): OS Command Injection Flaw in GeoVision Devices Actively Exploited, No Patch Beware of CVE-2024-11120: A critical #vulnerability in EOL #GeoVision devices allows remote attackers to execute arbitrary system commands. https://t.co/GpwlppUNw6
@the_yellow_fall
15 Nov 2024
64 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
We observed a 0day exploit in the wild used by a botnet targeting GeoVision EOL devices. The pre-auth command injection vulnerability was verified in collaboration with TWCERT & GeoVision & assigned CVE-2024-11120 (CVSS 9.8) https://t.co/DflYdYZzto NVD: https://t.co/r5x
@Shadowserver
15 Nov 2024
3061 Impressions
10 Retweets
14 Likes
5 Bookmarks
1 Reply
1 Quote
CVE-2024-11120 Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitr… https://t.co/q7NgszUs7o
@CVEnew
15 Nov 2024
552 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:geovision:gv-vs12_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0C78AF1F-A287-4282-84F4-E6087250EEFE"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:geovision:gv-vs12:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "5A129787-4673-4701-933C-BD5365B61A53"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:geovision:gv-vs11_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EF1E4228-CE1E-4BAA-ADE8-F045B7A0B958"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:geovision:gv-vs11:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "42E883F3-769C-4266-B75C-98CCB217471C"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:geovision:gv-dsp_lpr_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A816357-E53E-45DB-8655-2168D9B81F9F"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:geovision:gv-dsp_lpr:3.0:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "43C96B07-009A-44F1-97A4-91A4EC11B8CA"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:geovision:gvlx_4_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F102B6E2-FF3F-4A1A-B133-E06567EE6653"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:geovision:gvlx_4:2.0:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "CC0F181D-09E9-43CF-93A5-DA699F4436C5"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:geovision:gvlx_4_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F102B6E2-FF3F-4A1A-B133-E06567EE6653"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:geovision:gvlx_4:3.0:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "3699699F-80E7-44C8-8564-1448704BCCE0"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]