CRITICAL🚩 CISA KEV⚡ EXPLOIT🇵🇱 Wersja polska

CVE-2024-6047

CVSS 9.8v3.1pub. 2024-06-17upd. 2025-10-30

Certain EOL GeoVision devices fail to properly filter user input for the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device.

🤖 AI Analysis
How it works

An attacker can submit crafted input data to a vulnerable device function without any authentication. Due to lack of proper input validation and filtering (CWE-78 — OS Command Injection), injected commands are executed directly by the device's operating system. The attack is possible remotely over the network, requires no user interaction or any privileges.

Impact

An attacker gains the ability to execute arbitrary system commands on the device, which in practice means full control over the device, loss of data confidentiality, possibility of configuration modification, and inclusion of the device in a botnet.

Mitigation & patch

Devices affected by the vulnerability have EOL status and will most likely not receive official patches from the manufacturer. Immediate replacement of devices with supported models is recommended. Until replacement, devices should be isolated from the public network, restrict access through a firewall to trusted IP addresses only, and monitor network traffic for anomalies. Detailed recommendations are available in TWCERT bulletins at the addresses indicated in the references.

Who is affected

GeoVision EOL devices: GV-DSP LPR (firmware), GV-BX130 (firmware), GV-BX1500 (firmware) and their corresponding hardware models — according to manufacturer and TWCERT references.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Geovision Gv Bx130

    HW
    Geovision
    wszystkie wersje
  • Geovision Gv Bx130 Firmware

    OS
    Geovision
    wszystkie wersje
  • Geovision Gv Bx1500

    HW
    Geovision
    wszystkie wersje
  • Geovision Gv Bx1500 Firmware

    OS
    Geovision
    wszystkie wersje
  • Geovision Gv Cb220

    HW
    Geovision
    wszystkie wersje
  • Geovision Gv Cb220 Firmware

    OS
    Geovision
    wszystkie wersje
  • Geovision Gv Dsp Lpr

    HW
    Geovision
    2.0
  • Geovision Gv Dsp Lpr Firmware

    OS
    Geovision
    wszystkie wersje
  • Geovision Gv Ebl1100

    HW
    Geovision
    wszystkie wersje
  • Geovision Gv Ebl1100 Firmware

    OS
    Geovision
    wszystkie wersje
  • Geovision Gv Efd1100

    HW
    Geovision
    wszystkie wersje
  • Geovision Gv Efd1100 Firmware

    OS
    Geovision
    wszystkie wersje
  • Geovision Gv Fd2410

    HW
    Geovision
    wszystkie wersje
  • Geovision Gv Fd2410 Firmware

    OS
    Geovision
    wszystkie wersje
  • Geovision Gv Fd3400

    HW
    Geovision
    wszystkie wersje
  • Geovision Gv Fd3400 Firmware

    OS
    Geovision
    wszystkie wersje
  • Geovision Gv Fe3401

    HW
    Geovision
    wszystkie wersje
  • Geovision Gv Fe3401 Firmware

    OS
    Geovision
    wszystkie wersje
  • Geovision Gv Fe420

    HW
    Geovision
    wszystkie wersje
  • Geovision Gv Fe420 Firmware

    OS
    Geovision
    wszystkie wersje
  • Geovision Gv Gm8186 Vs14

    HW
    Geovision
    wszystkie wersje
  • Geovision Gv Gm8186 Vs14 Firmware

    OS
    Geovision
    wszystkie wersje
  • Geovision Gvlx 4

    HW
    Geovision
    2.03.0
  • Geovision Gvlx 4 Firmware

    OS
    Geovision
    wszystkie wersje
  • Geovision Gv Vs03

    HW
    Geovision
    wszystkie wersje
  • Geovision Gv Vs03 Firmware

    OS
    Geovision
    wszystkie wersje
  • Geovision Gv Vs04a

    HW
    Geovision
    wszystkie wersje
  • Geovision Gv Vs04a Firmware

    OS
    Geovision
    wszystkie wersje
  • Geovision Gv Vs04h

    HW
    Geovision
    wszystkie wersje
  • Geovision Gv Vs04h Firmware

    OS
    Geovision
    wszystkie wersje

CISA KEV — detailsi

Vendori
GeoVision
Producti
Multiple Devices
Added to KEVi
May 7, 2025
Remediation deadline (US Federal)i
May 28, 2025(overdue)
Required action (CISA)i

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

CISA descriptioni

Multiple GeoVision devices contain an OS command injection vulnerability that allows a remote, unauthenticated attacker to inject and execute arbitrary system commands. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 28 maja 2025
Tags
Command Injection
CWE
References

Related vulnerabilities

CVE-2024-11120CRITICAL9.8⚠ KEVPL ✓ten sam produkt

OS Command Injection w urządzeniach GeoVision — zdalne wykonanie poleceń bez uwierzytelnienia

CVE-2026-42370CRITICAL9.0PL ✓ten sam vendor

Stack overflow w GeoVision GV-VMS — nieuwierzytelnione RCE przez WebCam Server

CVE-2026-42364CRITICAL9.9PL ✓ten sam vendor

Command injection w GeoVision LPC2011/LPC2211 via konfiguracja DDNS

CVE-2026-42368CRITICAL9.9PL ✓ten sam vendor

Privilege escalation w interfejsie Web GeoVision LPC2011/LPC2211

CVE-2026-7161CRITICAL9.3PL ✓ten sam vendor

Wyciek poświadczeń przez słabe szyfrowanie w GeoVision GV-IP Device Utility