CVE-2024-8957

Confirmed PUBLISHED

PTZOptics NDI and SDI Cameras Command Injection via NTP Address Configuration

PTZOptics · PT30X-SDI, PT30X-NDI
Exploited in the wild

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
Confirmed
Exploitation Status
Exploited in the wild
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
In CISA KEV
CVSS / EPSS
7.2 High

At a Glance

PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue. The camera does not sufficiently validate the ntp_addr configuration value which may lead to arbitrary command execution when ntp_client is started. When chained with CVE-2024-8956, a remote and unauthenticated attacker can execute arbitrary OS commands on affected devices.

cisa nessus_scanner
CVE Published
Sep 17, 2024
Exploitation Reported
Nov 04, 2024
CVSS
7.2 High
EPSS
Remote Low complexity No user interaction

Affected Versions

Vendor Product Version Status
ptzoptics
pt30x-sdi_firmware

0 to < 6.3.40

Affected
ptzoptics
pt30x-ndi_firmware

0 to < 6.3.40

Affected
PTZOptics
PT30X-SDI

0 to < 6.3.40

Affected
PTZOptics
PT30X-NDI

0 to < 6.3.40

Affected

CVE References

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Check enrichment artifacts for scanner coverage and available PoCs before rolling remediation validation.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.