Outbreak Alert: PTZOptics NDI and SDI Cameras Attack
| FortiRecon Digital Risk Protection (DRP), a SaaS-based service, includes External Attack Surface Management, Brand Protection, and Adversary Centric Intelligence. Adversary Centric Intelligence (ACI): leverages FortiGuard Threat Analysis to provide comprehensive coverage of dark web, open-source, and technical threat intelligence, including threat actor insights to enable organizations to respond proactively assess risks, respond faster to incidents, better understand their attackers, and guard assets. The Vulnerability Intelligence Module under Adversary Centric Intelligence (ACI) provides a realistic view of the impact of the vulnerability based upon chatter and discussion of the same across various external sources such as Darkweb, social media, News / Blogs etc. | |
| CVE ID | CVE-2024-8957 |
| CVE Title | PTZOptics PT30X-SDI/NDI Cameras OS Command Injection Vulnerability |
| NVD Severity | CRITICAL |
| FortiRecon Severity | CRITICAL |
| FortiRecon Score | 90/100 |
| Exploited | Yes |
| Exploited by Ransomware Group(s) | No |
| Exploited by APT Group(s) | No |
| Included in CISA KEV List | Yes |
| Available working exploit(s) | 0 |
| Available POC exploit(s) | 0 |
| Darknet Mention(s) | 0 |
| Telegram Mention(s) | 1 (Freedom F0x) |
| FortiRecon Intelligence Reporting(s) | 3 (OSINT), 1 (Technical Intelligence), 1 (FortiGuard Research) |
| Vendor Advisory: | |
| CVE ID | CVE-2024-8956 |
| CVE Title | PTZOptics PT30X-SDI/NDI Cameras Authentication Bypass Vulnerability |
| NVD Severity | CRITICAL |
| FortiRecon Severity | CRITICAL |
| FortiRecon Score | 90/100 |
| Exploited | Yes |
| Exploited by Ransomware Group(s) | No |
| Exploited by APT Group(s) | No |
| Included in CISA KEV List | Yes |
| Available working exploit(s) | 0 |
| Available POC exploit(s) | 0 |
| Darknet Mention(s) | 0 |
| Telegram Mention(s) | 1 (Freedom F0x) |
| FortiRecon Intelligence Reporting(s) | 3 (OSINT), 1 (Technical Intelligence), 1 (FortiGuard Research) |
| Vendor Advisory: |