CVE-2024-11120: GeoVision EOL devices - OS Command Injection

9.8 CVSS

Description

Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device. Moreover, this vulnerability has already been exploited by attackers, and we have received related reports.

Known Exploited

🚨 Marked as known exploited on May 7th, 2025 (30 days ago).

Classification

CVE ID: CVE-2024-11120

CVSS Base Severity: CRITICAL

CVSS Base Score: 9.8

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Problem Types

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Affected Products

Vendor: GeoVision

Product: GV-VS12, GV-VS11, GV-DSP_LPR_V3, GVLX 4 V2, GVLX 4 V3

Exploit Prediction Scoring System (EPSS)

EPSS Score: 54.56% (probability of being exploited)

EPSS Percentile: 97.87% (scored less or equal to compared to others)

EPSS Date: 2025-06-04 (when was this score calculated)

Stakeholder-Specific Vulnerability Categorization (SSVC)

SSVC Exploitation: active

SSVC Technical Impact: total

SSVC Automatable: true

References

https://nvd.nist.gov/vuln/detail/CVE-2024-11120
https://www.twcert.org.tw/tw/cp-132-8236-d4836-1.html
https://www.twcert.org.tw/en/cp-139-8237-26d7a-2.html

Timeline

2025-05-07 04:40:17 UTC
CVE

GeoVision EOL devices - OS Command Injection
2025-05-07 04:41:17 UTC
🚨 Marked as Known Exploited
2025-05-07 17:15:14 UTC
CISA KEV

GeoVision Devices OS Command Injection Vulnerability