CVE-2024-11120

Published Nov 15, 2024

Last updated 2 days ago

CVSS critical 9.8

Overview

Description
Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device. Moreover, this vulnerability has already been exploited by attackers, and we have received related reports.
Source
twcert@cert.org.tw
NVD status
Awaiting Analysis
CNA Tags
unsupported-when-assigned

Risk scores

CVSS 3.1

Type
Primary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

twcert@cert.org.tw
CWE-78

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

1

  1. به تازگی بدافزاری از نوع بات نت آسیب پذیری موجود در دیوایس های GeoVision را که از نوع Zero day بوده و دارای کد شناسایی CVE-2024-11120 می باشد را اکسپلویت می نماید.این آسیب پذیری دارای نمره 9.8 می باشد و به هکر امکان اجرای Command را می دهد. https://t.co/Poz3aKY03t https://t.co/Dy

    @AmirHossein_sec

    17 Nov 2024

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. آسیب پذیری روز صفر CVE-2024-11120 برای استقرار بات نت Mirai مورد سوء استفاده قرار گرفت https://t.co/pyWPA4I8oG

    @vulnerbyte

    17 Nov 2024

    22 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  3. A botnet is exploiting a zero-day vulnerability (CVE-2024-11120) in end-of-life GeoVision devices for DDoS and cryptomining attacks, affecting around 17,000 Internet-facing devices, primarily in the U.S., as reported by Shadowserver Foundation. https://t.co/FN1omVx7YB

    @Cyber_O51NT

    17 Nov 2024

    667 Impressions

    2 Retweets

    5 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  4. A malware botnet is exploiting a zero-day vulnerability in end-of-life GeoVision devices to compromise and recruit them for likely DDoS or cryptomining attacks. The flaw is tracked as CVE-2024-11120 has a critical severity (CVSS v3.1 score: 9.8). https://t.co/WCOKpIK24I https://t

    @riskigy

    16 Nov 2024

    25 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. CVE-2024-11120 (CVSS 9.8): OS Command Injection Flaw in GeoVision Devices Actively Exploited, No Patch Beware of CVE-2024-11120: A critical #vulnerability in EOL #GeoVision devices allows remote attackers to execute arbitrary system commands. https://t.co/GpwlppUNw6

    @the_yellow_fall

    15 Nov 2024

    64 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. We observed a 0day exploit in the wild used by a botnet targeting GeoVision EOL devices. The pre-auth command injection vulnerability was verified in collaboration with TWCERT & GeoVision & assigned CVE-2024-11120 (CVSS 9.8) https://t.co/DflYdYZzto NVD: https://t.co/r5x

    @Shadowserver

    15 Nov 2024

    3061 Impressions

    10 Retweets

    14 Likes

    5 Bookmarks

    1 Reply

    1 Quote

  7. CVE-2024-11120 Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitr… https://t.co/q7NgszUs7o

    @CVEnew

    15 Nov 2024

    552 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References