Detections
Analytics

Geo Vision EoL Devices Improper Neutralization of Special Elements used in an OS Command (CVE-2024-11120)

critical Tenable OT Security Plugin ID 503224

Synopsis

The remote OT asset is affected by a vulnerability.

Description

Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device. Moreover, this vulnerability has already been exploited by attackers, and we have received related reports.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

Refer to the vendor advisory.

See Also

https://www.twcert.org.tw/en/cp-139-8237-26d7a-2.html

https://www.twcert.org.tw/tw/cp-132-8236-d4836-1.html

http://www.nessus.org/u?27ab061e

Plugin Details

Severity: Critical

ID: 503224

Version: 1.2

Type: remote

Family: Tenable.ot

Published: 5/13/2025

Updated: 5/13/2025

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Critical

Score: 9.2

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2024-11120

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:geovision:gv-vs12_firmware:-, cpe:/o:geovision:gv-vs11_firmware:-

Required KB Items: Tenable.ot/GeoVision

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/15/2024

Vulnerability Publication Date: 11/15/2024

CISA Known Exploited Vulnerability Due Dates: 5/28/2025

Reference Information

CVE: CVE-2024-11120

CWE: 78