Security News > 2024 > August > Unpatched AVTECH IP Camera Flaw Exploited by Hackers for Botnet Attacks
2024-08-29 11:05
A years-old high-severity flaw impacting AVTECH IP cameras has been weaponized by malicious actors as a zero-day to rope them into a botnet. CVE-2024-7029 (CVSS score: 8.7), the vulnerability in question, is a "command injection vulnerability found in the brightness function of AVTECH closed-circuit television (CCTV) cameras that allows for remote code execution (RCE)," Akamai researchers Kyle
News URL
https://thehackernews.com/2024/08/unpatched-avtech-ip-camera-flaw.html
Related news
- APT41 Hackers Use ShadowPad, Cobalt Strike in Taiwanese Institute Cyber Attack (source)
- Hackers Use Fake GlobalProtect VPN Software in New WikiLoader Malware Attack (source)
- Russian military hackers linked to critical infrastructure attacks (source)
- GeoServer Vulnerability Targeted by Hackers to Deliver Backdoors and Botnet Malware (source)
- U.S. Offers $10 Million for Info on Russian Cadet Blizzard Hackers Behind Major Attacks (source)
- Chinese hackers use new data theft malware in govt attacks (source)
- Hackers deploy AI-written malware in targeted attacks (source)
- N. Korean Hackers Deploy New KLogEXE and FPSpy Malware in Targeted Attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-02 | CVE-2024-7029 | Command Injection vulnerability in Avtech Avm1203 Firmware Commands can be injected over the network and executed without authentication. | 9.8 |