GeoVision, a provider of surveillance and security equipment, has been the target of a cyberattack where a zero-day vulnerability identified as CVE-2024-11120 was exploited in their end-of-life devices. This pre-auth command injection flaw allowed attackers to remotely execute arbitrary commands on the devices. As a result, around 17,000 devices, primarily in the United States, have been compromised to carry out DDoS and cryptomining operations. The economic implications of this attack have yet to be fully realized, but with such a large number of devices affected, there is a risk of significant business disruption and potential long-term reputation damage.
Source: https://securityaffairs.com/171067/malware/ddos-botnet-exploits-geovision-zero-day.html
"id": "tar000111824",
"linkid": "targeted-geovision-llc",
"type": "Vulnerability",
"date": "11/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"