- Suleman
CCTV Cameras Vulnerability Risks: New Exploits Found
Introduction
Recently, cybersecurity researchers have found a new vulnerability in some CCTV cameras that can capture the attention of cybercriminals. Such devices are usually used in a transport environment, and because of the importance of these cameras for transportation, this cybersecurity issue is simply unacceptable. This vulnerability (CVE-2024-7029) was found in AVTECH CCTV Cameras. It is said that this security bug makes it possible for cyber miscreants to take control of the cameras from afar and then push out malicious code, distributing a strain of Mirai botnet dubbed Corona. According to Akamai researchers, this exploit is particularly dangerous as it can also spread through other devices, leading to further damage.
Outdated Cameras Still in Use Globally
While the particular devices in question (IP cameras) are old and no longer on sale, they’re still used around the planet, which suggests a lot of systems are ripe for compromise. The vulnerability exists in the brightness setting of the cameras, and exploitation can give attackers unauthorized access as well as gain control over it. Additionally, this flaw could allow attackers to use open TCP port 7777, increasing the vulnerability of the cameras to be used in a 7777 botnet, which is a growing concern in cybersecurity.
CISA’s Advisory on the Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory about the vulnerability, warning that it is easily exploitable by attackers. AVTECH has yet to respond, and the vulnerability remains unpatched.
How Cybercriminals Hack CCTV Cameras
If this vulnerability is exploited, attackers can distribute the Mirai variant malware. Though first seen in mid-to-late 2024, research shows the malware activity dates back to at least late 2023. Once infected, the malware connects compromised systems to numerous hosts via Telnet, and sometimes via ASUS routers, to spread itself and subsequently compromise additional devices. This could lead to service disruption. This sort of attack is becoming more common where hackers exploit long-since-patched vulnerabilities to break into equipment.
Other Flaws in the Same Campaign
Although various other exploits, including CVE-2014-8361 flaws affecting Hadoop systems and this year’s already-patched Huawei bug designated as CVE-2017–17215, have been attacked in the campaign, highlighting CCTV cameras demonstrates how woefully negligent security practices can result in serious risks. As no patch is available for this vulnerability, organizations should decommission any of these cameras in use to prevent further abuse.
Conclusion
Around 150,000 CCTV cameras are said to be susceptible to the remotely exploitable CVE-2024-7029 flaw, which NowSecure discovered in a recent incident that puts internet-facing devices at increased risk of cyberattack. There is no patch yet, and all affected organizations must update firmware with new hardware or decommission the device to protect their systems. As in the case of AVTECH CCTV cameras, using outdated software that doesn’t receive regular security updates can create significant risks. The future of any botnet, including those like the 7777 botnet, can often be predicted by how vulnerabilities are addressed before they become widespread in the infection process.
FAQs
Hackers can exploit a security flaw in AVTECH CCTV cameras, making hundreds of thousands remotely controlled and spread real-time malware CVE-2024-7029.
The vulnerability allows hackers to inject a malicious code, making the cameras be part of a botnet for infecting Mirai variant malware.
These out-of-date cameras are still in use, though. And any new hack comes through, they are just as susceptible.
In the absence of a patch to fix it, or even in addition to one should it become available, organizations are encouraged not just to block remote access but disconnect affected CCTV cameras entirely.
Up to now, no response has been received by AVTECH despite a request for assistance in dealing with the problem.