
Updated CISA vulnerabilities catalog includes GeoVision IoT bugs


Ongoing attacks exploiting two critical operating system command injection flaws in GeoVision Internet of Things devices, tracked as CVE-2024-6047 and CVE-2024-11120, have prompted the Cybersecurity and Infrastructure Security Agency to add both to its Known Exploited Vulnerabilities catalog, with federal agencies urged to remediate the flaws by May 28, according to Security Affairs.

Both vulnerabilities affect end-of-life GeoVision products and could be leveraged for arbitrary command injection; they have already been used in distributed denial-of-service and cryptomining intrusions, an advisory from TWCERT showed. Although the flaws were reported months ago, almost 17,000 internet-exposed GeoVision devices remain affected by CVE-2024-11120. The U.S. accounted for most of the exposures at 8,720 devices, followed by Germany, Taiwan, and Canada. The additions come after multiple security flaws in Broadcom Brocade Fabric OS, Qualitia Active! Mail, and Commvault Web Server were added to CISA's KEV catalog.
