CCTV Zero-Day Exposes Critical Infrastructure to Mirai Botnet

Published: 23/11/2024   Category: security




CISA warned about the RCE zero-day vulnerability in AVTECH IP cameras in early August, and now vulnerable systems are being used to spread malware.



Industrial control systems and critical infrastructure operators are being warned about a campaign leveraging a known zero-day vulnerability in remote monitoring cameras to spread Mirai cryptominer botnets.
Researchers at Akamai found the Mirai cryptominer botnet campaign was exploiting a variety of previously disclosed vulnerabilities, but was notably focused on a zero-day command injection vulnerability in AVTECH closed-circuit television (CCTV) cameras tracked under CVE-2024-7029.
Affected camera models have been discontinued but are still in wide use across critical infrastructure, Akamai's researchers noted. There is no patch available and operators are being advised to rip out the affected devices and replace them with a more secure alternative.
"If there is no way to remediate a threat, decommissioning the hardware and software is the recommended way to mitigate security risks and lower the risk of regulatory fines," Akamai researchers advised.
On Aug. 1, the Cybersecurity and Infrastructure Security Agency (CISA) published an industrial control systems (ICS) advisory on the AVTECH IP camera zero-day, specifically citing the devices' use across critical infrastructure sectors, including commercial facilities, financial services, healthcare, and public health.
The Akamai researchers explained the zero-day vulnerability was already known and being used in cyberattacks to spread malware, long before it was formally assigned a CVE. This tack is increasingly popular among threat groups, the researchers said.
"A vulnerability without a formal CVE assignment may still pose a threat to your organization — in fact, it could be a significant threat," Akamai's team said in its report. "Malicious actors who operate these botnets have been using new or under-the-radar vulnerabilities to proliferate malware."
