Top surveillance camera has a major security flaw that allows hackers to install Mirai botnet

A widely-used surveillance camera has been found carrying a high-severity vulnerability that allows threat actors to take over the device.

Researchers from Akamai recently reported that cybercriminals have started exploiting the flaw in the AVM1203, a surveillance camera model designed and sold by Taiwanese manufacturer AVTECH, to hijack the endpoints and assimilate them into the Mirai botnet.

Since the model reached its end-of-life status long ago, AVTECH will not be patching the bug, so the best course of action for any owners would be to replace the device with a newer model.

CISA recommendations

The vulnerability in question is tracked as CVE-2024-7029. It has a severity rating of 8.7 (high-severity), and is described as an “improper neutralization of special elements used in a command ('Command Injection')”.

CISA’s technical description states that the flaw allows commands to be injected over the network, “and executed without authentication.”

Those who are unable to replace the device should take defensive measures, CISA recommends. These include minimizing network exposure for all control system devices and/or systems (making sure they’re not accessible from the public internet), locating control system networks and remote devices behind firewalls, and isolating them from business networks.

Ultimately, if it is absolutely necessary for the endpoint to be accessible via the internet, CISA recommends using secure methods such as VPNs, while still stressing that many VPNs may have vulnerabilities as well.

Mirai is a popular botnet that primarily targets Internet of Things (IoT) devices. It was first discovered in 2016, and has since grown to be almost synonymous with Distributed Denial of Service (DDoS) attacks. The Mirai botnet gained notoriety in October 2016 when it was used to launch one of the largest DDoS attacks in history against Dyn, a major DNS provider. This attack disrupted websites like Twitter, Netflix, and Reddit.

Mirai's source code was eventually released publicly, leading to the creation of many variants by other cybercriminals. These variants have continued to exploit vulnerabilities in IoT devices, making Mirai a significant ongoing threat in the cybersecurity landscape.

Via Ars Technica

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
