CVE-2024-6047 (CVSS 9.8): Urgent Security Risk for GeoVision Users
Taiwan's CERT has issued a critical security warning regarding a severe vulnerability (CVE-2024-6047) affecting various end-of-life (EOL) GeoVision devices, including IP cameras, video servers, and DVRs. The vulnerability carries a CVSS score of 9.8, placing it in the critical severity range.
CVE-2024-6047 stems from improper input filtering in specific functionalities of GeoVision devices. The flaw allows unauthenticated remote attackers to execute arbitrary system commands on an affected device and thereby take control of it. Because no authentication is required, exploitation is correspondingly easier, which makes the vulnerability particularly alarming.
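The flaw class described above, a request parameter that is not properly filtered before it reaches a system command, is illustrated below in Python. This is an added example and not GeoVision's code; the advisory does not identify the vulnerable function, so the parameter name, the ping command, and the sample inputs are assumptions chosen to show the pattern and its hardened counterpart.

```python
import re

# Allowlist for a host-like parameter: letters, digits, dot, dash, underscore,
# bounded in length. Anything else (spaces, ';', '|', '$', backticks, ...) is rejected.
# The character set and length are assumptions for this illustration.
_SAFE_HOST = re.compile(r"[A-Za-z0-9._-]{1,64}")


def build_command_unsafe(host: str) -> str:
    """Unsafe pattern: the parameter is concatenated into a shell command line.

    Returns the string that would be passed to a shell. A value such as
    "cam01; id" turns into two commands once the shell parses it, which is
    the kind of input-filtering failure the advisory describes.
    """
    return "ping -c 1 " + host


def build_command_safe(host: str) -> list:
    """Hardened pattern: validate against an allowlist, then build an argv list.

    The argv list is meant for an exec-style call (e.g. subprocess.run without
    shell=True), so no shell ever interprets the parameter. Rejected input
    raises ValueError instead of reaching the command at all.
    """
    if not _SAFE_HOST.fullmatch(host):
        raise ValueError("rejected host parameter: %r" % host)
    return ["ping", "-c", "1", host]


def handle_request_safe(params: dict) -> dict:
    """Hypothetical request handler for a device web interface.

    Takes the parsed query parameters, validates the one it needs, and returns
    either the argv to execute or an error that can be logged and returned
    as HTTP 400. Missing or oversized parameters are treated as errors too.
    """
    host = params.get("host", "")
    try:
        argv = build_command_safe(host)
    except ValueError as exc:
        return {"status": 400, "error": str(exc)}
    return {"status": 200, "argv": argv}


if __name__ == "__main__":
    # Constructed sample inputs: one benign, one carrying a shell separator.
    for sample in ("cam01", "cam01; id"):
        print("unsafe  ->", repr(build_command_unsafe(sample)))
        print("safe    ->", handle_request_safe({"host": sample}))
```

The difference that matters is not only the allowlist but also the argv list: even a validated value should never be re-joined into a shell string, because later changes to the allowlist would silently reopen the injection.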
The following EOL GeoVision products are confirmed to be vulnerable:
- DSP LPR: GV_DSP_LPR_V2
- IP Cameras: GV_IPCAMD_GV_BX1500, GV_IPCAMD_GV_CB220, GV_IPCAMD_GV_EBL1100, GV_IPCAMD_GV_EFD1100, GV_IPCAMD_GV_FD2410, GV_IPCAMD_GV_FD3400, GV_IPCAMD_GV_FE3401, GV_IPCAMD_GV_FE420
- Video Servers: GV-VS14_VS14, GV_VS03, GV_VS2410, GV_VS28XX, GV_VS216XX, GV VS04A, GV VS04H
- DVRs: GVLX 4 V2, GVLX 4 V3
GeoVision has officially discontinued support for these products, meaning no patches or updates will be released to address this vulnerability. The only recommended course of action is to immediately retire and replace the affected devices.
Leaving vulnerable EOL devices connected to your network poses a significant security risk. Attackers are actively searching for unpatched systems, and this vulnerability provides an easy entry point for them to compromise your infrastructure. Taking immediate action is crucial to protect your data and prevent potential damage.