PTZOptics NDI and SDI Cameras Attack

Released: Feb 05, 2025



Actively exploited in the wild

FortiGuard Labs has observed attack attempts aimed at PTZOptics cameras, with FortiGuard sensors detecting telemetry from as many as 4,000 devices. This surge in activity highlights the vulnerabilities present in these devices, which can be easily exploited by attackers seeking unauthorized access, potentially leading to complete camera takeover, infection with bots, pivoting to other devices connected on the same network, or disruption of video feeds.

Common Vulnerabilities and Exposures



Background

PTZOptics cameras are used in industrial, healthcare, business, and government sectors worldwide. The majority of the blocked attack attempts observed by FortiGuard telemetry are from the United States, Japan, and South Korea.

CVE-2024-8956 is a weak authentication flaw (PT30X-SDI/NDI-xx firmware before 6.3.40) that allows unauthorized users to gain access, which may reveal usernames, MD5 password hashes, and network configurations.

CVE-2024-8957 is caused by insufficient input sanitization (PT30X-SDI/NDI-xx before 6.3.40) in the 'ntp_addr' field, allowing attackers to use a specially crafted payload to insert commands for remote code execution.
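
The input-sanitization gap described for 'ntp_addr' can be closed, and probed for in logs, with a strict allowlist. The following is an added example, not code from the vendor or from FortiGuard: the function names, the "/PLACEHOLDER/config" path, and the assumption that the value arrives as a URL query parameter are all hypothetical, and the sample requests are constructed.

```python
import ipaddress
import re
from urllib.parse import parse_qs, urlsplit

# RFC 1123 hostname label: letters, digits, hyphen; no leading/trailing hyphen.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def is_valid_ntp_addr(value: str) -> bool:
    """Allowlist check: accept only an IP literal or an RFC 1123 hostname."""
    if not value or len(value) > 253:
        return False
    try:
        ipaddress.ip_address(value)  # IPv4 or IPv6 literal
        return True
    except ValueError:
        pass
    labels = value.rstrip(".").split(".")
    # fullmatch (not match) so a trailing newline cannot slip past the pattern
    return all(_LABEL.fullmatch(label) for label in labels)


def flag_suspicious(request_targets):
    """Return request targets whose ntp_addr value fails the allowlist."""
    flagged = []
    for target in request_targets:
        query = parse_qs(urlsplit(target).query, keep_blank_values=True)
        if any(not is_valid_ntp_addr(v) for v in query.get("ntp_addr", [])):
            flagged.append(target)
    return flagged


# Constructed sample request targets; the path is a placeholder, not a device path.
SAMPLE_REQUESTS = [
    "/PLACEHOLDER/config?ntp_addr=pool.ntp.org",
    "/PLACEHOLDER/config?ntp_addr=192.0.2.10",
    "/PLACEHOLDER/config?ntp_addr=192.0.2.10%3Becho%20x",
    "/PLACEHOLDER/config?ntp_addr=%24%28echo%20x%29",
    "/PLACEHOLDER/config?ntp_addr=time.example.org%0Aecho%20x",
]

if __name__ == "__main__":
    for hit in flag_suspicious(SAMPLE_REQUESTS):
        print("suspicious ntp_addr:", hit)
```

Because the check is an allowlist rather than a blocklist of shell metacharacters, any value that is not a plain hostname or IP literal is rejected, including encoded separators and newlines.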

Latest Development

Recent news and incidents related to cybersecurity threats encompassing various events such as data breaches, cyber-attacks, security incidents, and vulnerabilities discovered.


Taking proactive measures is essential to safeguard against these vulnerabilities and protect sensitive information from malicious actors. FortiGuard recommends that users download firmware updates from the vendor.

FortiGuard Cybersecurity Framework

Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services.


PROTECT
  • Lure

  • Decoy VM

  • IPS

  • Web App Security

  • IoT/IIoT Virtual Patch

DETECT
  • IOC

  • Outbreak Detection

RESPOND
  • Automated Response

  • Assisted Response Services

RECOVER
  • NOC/SOC Training

  • End-User Training

IDENTIFY
  • Attack Surface Monitoring (Inside & Outside)

  • Attack Surface Hardening

Threat Intelligence

Information gathered from analyzing ongoing cybersecurity events including threat actors, their tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), malware and related vulnerabilities.

