GreyNoise Intelligence, the cybersecurity company providing real-time, verifiable threat intelligence into internet scanning and exploitation, announced the discovery of two previously undisclosed critical and high-severity zero-day vulnerabilities in live streaming cameras reportedly used across industrial operations, government, healthcare, and other sensitive environments like houses of worship.
GreyNoise’s discovery was made possible by Sift, an internal, proprietary large language model (LLM) developed by GreyNoise that analyzes millions of web requests per day, identifying anomalous traffic that traditional cybersecurity methods might overlook. In this case, Sift flagged unrecognized traffic patterns, prompting GreyNoise researchers to dig deeper, resulting in the discovery of two new vulnerabilities that could potentially allow attackers to seize complete control of the cameras, view and/or manipulate video feeds, disable camera operations, and enlist the devices into a botnet to launch denial-of-service attacks.
This marks one of the first instances where threat detection has been augmented by AI to discover zero-day vulnerabilities, representing a groundbreaking advancement in cybersecurity and setting a new benchmark for how technology can accelerate threat detection and resolution.
Also Read: Altair Signs Definitive Agreement with Siemens to be Acquired for $10.6 Billion
“This isn’t about the specific software or how many people use it — it’s about how AI helped us catch a zero-day exploit we might have missed otherwise,” said Andrew Morris, Founder and Chief Architect at GreyNoise Intelligence. “We caught it before it could be widely exploited, reported it, and got it patched. The attacker put a lot of effort into developing and automating this exploit, and they hit our sensors. Today it’s a camera, but tomorrow it could be a zero-day in critical enterprise software. This discovery proves that AI is becoming essential for detecting and stopping sophisticated threats at scale.”
The vulnerabilities, tracked as CVE-2024-8956 and CVE-2024-8957, impact NDI-enabled pan-tilt-zoom (PTZ) cameras from several manufacturers, including PTZOptics, Multicam Systems SAS, and SMTAV Corporation. These cameras, reportedly used in sensitive environments like business conferences, telehealth sessions, and government settings, potentially represent an attractive target for malicious actors looking to compromise video feeds or use the devices as a point of entry into broader network infrastructure.
GreyNoise partnered with VulnCheck to responsibly disclose these vulnerabilities, working closely with affected manufacturers to ensure swift remediation. Firmware updates have been released by PTZOptics to address the issues, and GreyNoise strongly recommends all users update their devices immediately to prevent exploitation.
SOURCE: PRWeb