BDU:2024-05581

Scores

EPSS

0.000none0.0%

0%20%40%60%80%100%

Percentile: 0.0%

CVSS

9.8critical3.x

0246810

CVSS Score: 9.8/10

All CVSS Scores

CVSS 3.x

9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0

10.0

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Description

Уязвимость микропрограммного обеспечения систем видеонаблюдения GeoVision GV-DSP, GV-IPCAMD, GV-VS и GVLX 4 существует из-за непринятия мер по нейтрализации специальных элементов, используемых в команде операционной системы. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнять произвольные команды

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.

Learn more about Scaner-VS 7

Sources

bdu

Related Vulnerabilities

CVE-2024-6047

Exploits

Exploit ID: BDU:2024-05581

Source: bdu_exploit

URL: https://bdu.fstec.ru/vul

Reference Links

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-6047

https://www.twcert.org.tw/en/cp-139-7884-c5a8b-2.html

https://www.twcert.org.tw/tw/cp-132-7883-f5635-1.html

https://vuldb.com/ru/?id.268775

https://www.akamai.com/blog/security-research/active-exploitation-mirai-geovision-iot-botnet

https://www.cisa.gov/sites/default/files/csv/known_exploited_vulnerabilities.csv

Recommendations

Source: bdu

Компенсирующие меры:
- использование средств межсетевого экранирования для ограничения возможности удалённого доступа к устройствам;
- ограничение доступа из внешних сетей (Интернет);
- использование виртуальных частных сетей для организации удаленного доступа (VPN).

URL: https://bdu.fstec.ru/vul/2024-05581

Vulnerable Software (18)

Type: Configuration

Vendor: geovision

Product: gv-dsp lpr

Operating System: * *

Trait:

{  "version_exact": "2"}

Source: bdu

Type: Configuration

Vendor: geovision

Product: gv-ipcamd gv-bx1500

Operating System: * *

Trait:

{  "version_exact": "*"}

Source: bdu

Type: Configuration

Vendor: geovision

Product: gv-ipcamd gv-cb220

Operating System: * *

Trait:

{  "version_exact": "*"}

Source: bdu

Type: Configuration

Vendor: geovision

Product: gv-ipcamd gv-ebl1100

Operating System: * *

Trait:

{  "version_exact": "*"}

Source: bdu

Type: Configuration

Vendor: geovision

Product: gv-ipcamd gv-efd1100

Operating System: * *

Trait:

{  "version_exact": "*"}

Source: bdu

Type: Configuration

Vendor: geovision

Product: gv-ipcamd gv-fd2410

Operating System: * *

Trait:

{  "version_exact": "*"}

Source: bdu

Type: Configuration

Vendor: geovision

Product: gv-ipcamd gv-fd3400

Operating System: * *

Trait:

{  "version_exact": "*"}

Source: bdu

Type: Configuration

Vendor: geovision

Product: gv-ipcamd gv-fe3401

Operating System: * *

Trait:

{  "version_exact": "*"}

Source: bdu

Type: Configuration

Vendor: geovision

Product: gv-ipcamd gv-fe420

Operating System: * *

Trait:

{  "version_exact": "*"}

Source: bdu

Type: Configuration

Vendor: geovision

Product: gv-vs03

Operating System: * *

Trait:

{  "version_exact": "*"}

Source: bdu

Type: Configuration

Vendor: geovision

Product: gv-vs04a

Operating System: * *

Trait:

{  "version_exact": "*"}

Source: bdu

Type: Configuration

Vendor: geovision

Product: gv-vs04h

Operating System: * *

Trait:

{  "version_exact": "*"}

Source: bdu

Type: Configuration

Vendor: geovision

Product: gv-vs14 vs14

Operating System: * *

Trait:

{  "version_exact": "*"}

Source: bdu

Type: Configuration

Vendor: geovision

Product: gv-vs216xx

Operating System: * *

Trait:

{  "version_exact": "*"}

Source: bdu

Type: Configuration

Vendor: geovision

Product: gv-vs2410

Operating System: * *

Trait:

{  "version_exact": "*"}

Source: bdu

Type: Configuration

Vendor: geovision

Product: gv-vs28xx

Operating System: * *

Trait:

{  "version_exact": "*"}

Source: bdu

Type: Configuration

Vendor: geovision

Product: gvlx 4

Operating System: * *

Trait:

{  "version_exact": "2"}

Source: bdu

Type: Configuration

Vendor: geovision

Product: gvlx 4

Operating System: * *

Trait:

{  "version_exact": "3"}

Source: bdu

End of list

Russian Vulnerability Scanner Database

BDU:2024-05581

Scores

EPSS

CVSS

All CVSS Scores

Vector Breakdown

CVSS

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Vector Breakdown

CVSS

Attack Vector

Attack Complexity

Authentication

Confidentiality Impact

Integrity Impact

Availability Impact

Description

Scaner-VS 7 — a modern vulnerability management solution

Sources

Related Vulnerabilities

Exploits

Reference Links

Recommendations

Vulnerable Software (18)