
Active exploitation of PTZOptics zero-days underway


BleepingComputer reports that PTZOptics pan-tilt-zoom cameras used by industrial, healthcare, and government organizations are affected by a pair of zero-day flaws and have been targeted in ongoing intrusions.

Attacks exploiting the authentication weakness within the 'lighttpd' server, tracked as CVE-2024-8957, and the insufficient input sanitization bug, tracked as CVE-2024-8957, could enable camera hijacking and bot compromise, as well as further infiltration of devices within the same network, according to a report from GreyNoise. PTZOptics has already issued updates addressing the issues, but not for the end-of-life PT20X-NDI-G2 and PT12X-NDI-G2 models or the newer PT20X-SE-NDI-G3 and PT30X-SE-NDI-G3 iterations. Meanwhile, numerous other NDI-enabled cameras from SMTAV Corporation and Multicam Systems running VHD PTZ camera firmware versions older than 6.3.40 are also impacted by the bugs. "We (strongly) believe that a wider range of devices is affected, potentially indicating that the actual culprit lies within the SDK the manufacturer (ValueHD / VHD Corporation) uses," said GreyNoise.
