AVTECH

The Corona Mirai botnet targeted AVTECH by exploiting a zero-day vulnerability (CVE-2024-7029) in AVTECH CCTV cameras that allows remote code execution through command injection in the device brightness function. The vulnerability remains unpatched, and the attack was part of a broader campaign leveraging multiple known vulnerabilities to spread Mirai malware variants. Potential impacts include malicious operation of infected CCTV networks, disruption of surveillance capabilities, and leverage for further network intrusion, compromising the security posture of affected organizations. The exact extent of the damage is unclear, but the attack presents a critical security risk with the potential for further escalation.

Source: https://securityaffairs.com/167764/malware/corona-mirai-botnet-avtech-cctv-zero-day.html

TPRM report: https://scoringcyber.rankiteo.com/company/avtech-capital

"id": "avt000083024",
"linkid": "avtech-capital",
"type": "Vulnerability",
"date": "8/2024",
"severity": "100",
"impact": "",
"explanation": "Attack which create outage"
{'affected_entities': [{'industry': 'Surveillance Technology',
                        'name': 'AVTECH',
                        'type': 'Company'}],
 'attack_vector': 'Remote Code Execution',
 'description': 'The Corona Mirai botnet targeted AVTECH by exploiting a '
                'zero-day vulnerability (CVE-2024-7029) in AVTECH CCTV '
                'cameras, allowing remote code execution through command '
                'injection in the device brightness function. The attack, '
                'which remains unpatched, was part of a broader campaign '
                'leveraging multiple known vulnerabilities to spread Mirai '
                'malware variants. A potential impact includes the malicious '
                'operation of infected CCTV networks, disruption of '
                'surveillance capabilities, and potential leverage for further '
                'network intrusion, compromising the security posture of '
                'affected organizations. The exact extent of the damage is '
                'unclear, but it presents a critical security risk with the '
                'potential for further escalation.',
 'impact': {'operational_impact': 'Disruption of surveillance capabilities',
            'systems_affected': 'CCTV networks'},
 'initial_access_broker': {'entry_point': 'CCTV cameras'},
 'motivation': 'Spread Mirai malware variants',
 'post_incident_analysis': {'root_causes': 'Zero-day vulnerability '
                                           '(CVE-2024-7029) in AVTECH CCTV '
                                           'cameras'},
 'threat_actor': 'Corona Mirai Botnet',
 'title': 'Corona Mirai Botnet Exploit on AVTECH CCTV Cameras',
 'type': 'Botnet',
 'vulnerability_exploited': 'CVE-2024-7029'}