The Corona Mirai-based malware botnet exploits a 5-year-old zero-day in discontinued AVTECH IP cameras (CVE-2024-7029).
This high-severity issue (CVSS v4 score: 8.7) allows unauthenticated attackers to inject commands via the "brightness" function in the cameras' firmware.
The flaw affects AVTECH AVM1203 IP cameras up to firmware version Fullmg-1023-1007-1011-1009.
Since these models are no longer supported since 2019, there is no patch available for CVE-2024-7029.
The U.S. Cybersecurity and Infrastructure Security Agency issued a warning about public exploits targeting these cameras, which are still used in various critical sectors. Although proof of concept (PoC) exploits has been known since 2019, active exploitation was not observed until recently.
Read more...