CCTV zero-day exposes critical infrastructure to Mirai botnet

Becky Bracken, Dark Reading

September 2, 2024

1 Min Read
CCTV zero-day exposes critical infrastructure to Mirai botnet

Industrial control systems and critical infrastructure operators are being warned about a campaign leveraging a known zero-day vulnerability in remote monitoring cameras to spread Mirai cryptominer botnets.

Researchers at Akamai found the Mirai cryptominer botnet campaign was exploiting a variety of previously disclosed vulnerabilities, but was notably focused on a zero-day command injection vulnerability in AVTECH closed-circuit television (CCTV) cameras tracked under CVE-2024-7029.

Affected camera models have been discontinued but are still in wide use across critical infrastructure, Akamai’s researchers noted. There is no patch available and operators are being advised to rip out the affected devices and replace them with a more secure alternative.

“If there is no way to remediate a threat, decommissioning the hardware and software is the recommended way to mitigate security risks and lower the risk of regulatory fines,” Akamai researchers advised.

To read the complete article, visit Dark Reading.

About the Author

Subscribe to receive Urgent Communications Newsletters
Catch up on the latest tech, media, and telecoms news from across the critical communications community