{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-11120","assignerOrgId":"cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e","state":"PUBLISHED","assignerShortName":"twcert","dateReserved":"2024-11-12T06:23:33.571Z","datePublished":"2024-11-15T02:00:27.361Z","dateUpdated":"2025-10-21T22:55:36.559Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"GV-VS12","vendor":"GeoVision","versions":[{"status":"affected","version":"0"}]},{"defaultStatus":"unaffected","product":"GV-VS11","vendor":"GeoVision","versions":[{"status":"affected","version":"0"}]},{"defaultStatus":"unaffected","product":"GV-DSP_LPR_V3","vendor":"GeoVision","versions":[{"status":"affected","version":"0"}]},{"defaultStatus":"unaffected","product":"GVLX 4 V2","vendor":"GeoVision","versions":[{"status":"affected","version":"0"}]},{"defaultStatus":"unaffected","product":"GVLX 4 V3","vendor":"GeoVision","versions":[{"status":"affected","version":"0"}]}],"datePublic":"2024-11-15T01:56:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device. Moreover, this vulnerability has already been exploited by attackers, and we have received related reports."}],"value":"Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device. Moreover, this vulnerability has already been exploited by attackers, and we have received related reports."}],"impacts":[{"capecId":"CAPEC-88","descriptions":[{"lang":"en","value":"CAPEC-88 OS Command Injection"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-78","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e","shortName":"twcert","dateUpdated":"2024-11-15T02:00:27.361Z"},"references":[{"tags":["third-party-advisory"],"url":"https://www.twcert.org.tw/tw/cp-132-8236-d4836-1.html"},{"tags":["third-party-advisory"],"url":"https://www.twcert.org.tw/en/cp-139-8237-26d7a-2.html"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"&nbsp; The affected devices are no longer being maintained. It is recommended to replace them.<br>"}],"value":"The affected devices are no longer being maintained. It is recommended to replace them."}],"source":{"advisory":"TVN-202411014","discovery":"EXTERNAL"},"tags":["unsupported-when-assigned","x_known-exploited-vulnerability"],"title":"GeoVision EOL devices - OS Command Injection","x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2024-11120","role":"CISA Coordinator","options":[{"Exploitation":"active"},{"Automatable":"yes"},{"Technical Impact":"total"}],"version":"2.0.3","timestamp":"2025-05-07T17:12:05.450406Z"}}},{"other":{"type":"kev","content":{"dateAdded":"2025-05-07","reference":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-11120"}}}],"affected":[{"cpes":["cpe:2.3:o:geovision:gv-vs12_firmware:*:*:*:*:*:*:*:*"],"vendor":"geovision","product":"gv-vs12_firmware","versions":[{"status":"affected","version":"0","lessThan":"*","versionType":"custom"}],"defaultStatus":"unknown"},{"cpes":["cpe:2.3:o:geovision:gv-vs11_firmware:*:*:*:*:*:*:*:*"],"vendor":"geovision","product":"gv-vs11_firmware","versions":[{"status":"affected","version":"0","lessThan":"*","versionType":"custom"}],"defaultStatus":"unknown"},{"cpes":["cpe:2.3:o:geovision:gv-dsp_lpr_v3_firmware:*:*:*:*:*:*:*:*"],"vendor":"geovision","product":"gv-dsp_lpr_v3_firmware","versions":[{"status":"affected","version":"0","lessThan":"*","versionType":"custom"}],"defaultStatus":"unknown"},{"cpes":["cpe:2.3:o:geovision:gvlx_4_v2_firmware:*:*:*:*:*:*:*:*"],"vendor":"geovision","product":"gvlx_4_v2_firmware","versions":[{"status":"affected","version":"0","lessThan":"*","versionType":"custom"}],"defaultStatus":"unknown"},{"cpes":["cpe:2.3:o:geovision:gvlx_4_v3_firmware:*:*:*:*:*:*:*:*"],"vendor":"geovision","product":"gvlx_4_v3_firmware","versions":[{"status":"affected","version":"0","lessThan":"*","versionType":"custom"}],"defaultStatus":"unknown"}],"references":[{"url":"https://www.akamai.com/blog/security-research/active-exploitation-mirai-geovision-iot-botnet"},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-11120","tags":["government-resource"]}],"timeline":[{"time":"2025-05-07T00:00:00.000Z","lang":"en","value":"CVE-2024-11120 added to CISA KEV"}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-10-21T22:55:36.559Z"}}]}}