The AVTECH Camera Vulnerability Exploited by Mirai Botnet
Security researchers at AVTECH have issued a warning that a vulnerability in AVTECH cameras is being actively exploited by a variant of the notorious Mirai botnet. This vulnerability, known as CVE-2024-7029, allows remote attackers to inject commands and take control of affected devices.
Discovered by Aline Eliovich, the zero-day vulnerability targets the “brightness” function in the camera’s firmware, enabling attackers to inject commands at a high privilege level, effectively compromising the device.
Although the exploit code has been available since 2019, it was only assigned a CVE identifier in August 2024, showcasing the challenges of addressing vulnerabilities that have not been officially catalogued, leaving numerous devices vulnerable.
The Akamai team, who uncovered the exploitation campaign through their global honeypot network, observed the botnet targeting various vulnerabilities, including a Hadoop YARN RCE (CVE-2014-8361) and CVE-2017-17215. This highlights the trend of attackers leveraging older security flaws that are often overlooked.
Once compromised, the botnet known as ‘Corona Mirai’ due to references to COVID-19 in the malware, targets devices using Telnet on ports 23, 2323, and 37215, as well as exploits vulnerable Huawei devices.
Despite the discontinued status of the affected AVTECH camera model, the US Cybersecurity and Infrastructure Security Agency (CISA) warns that these devices are still widely deployed globally, including in critical infrastructure.
As Akamai advises, managing patch priorities can be challenging, particularly when patches are unavailable. In such cases, decommissioning vulnerable hardware and software is recommended to mitigate risks.
Stay Informed
Stay up-to-date with industry insights at events like the IoT Tech Expo in Amsterdam, California, and London, co-located with other leading events including Cyber Security & Cloud Expo, AI & Big Data Expo, Intelligent Automation Conference, Edge Computing Expo, and Digital Transformation Week.
Explore upcoming enterprise technology events and webinars powered by TechForge here.
Photo by Brian McGowan
Tags:
akamai, avtech, cameras, cve, cybersecurity, flaw, hacking, infosec, IoT, mirai, rce, security, security camera, vulnerability, zero-day