CyberSecurity news
FlagThis
MSSP Alert@MSSP feed for Latest
//
Multiple Mirai-based botnets have been actively exploiting a zero-day vulnerability, tracked as CVE-2025-1316, in Edimax IP cameras for nearly a year. The attacks targeting these vulnerable cameras began around May of last year, with intrusions observed by security researchers. While initial exploitation occurred in May, there was a pause before a resurgence in activity in September and again from January to February.
The attackers are leveraging default credentials on the Edimax devices to deploy the Mirai malware. A proof-of-concept exploit has been available since June 2023, suggesting possible earlier attack attempts. Edimax disclosed that a patch for the zero-day is not possible, because the affected IP cameras have reached end-of-life over 10 years ago and the source code and development environment are no longer available. Therefore, organizations are urged to ensure they are using up-to-date software and firmware on their devices to prevent botnet compromise.
ImgSrc: files.cyberrisk
References :
The attackers are leveraging default credentials on the Edimax devices to deploy the Mirai malware. A proof-of-concept exploit has been available since June 2023, suggesting possible earlier attack attempts. Edimax disclosed that a patch for the zero-day is not possible, because the affected IP cameras have reached end-of-life over 10 years ago and the source code and development environment are no longer available. Therefore, organizations are urged to ensure they are using up-to-date software and firmware on their devices to prevent botnet compromise.
ImgSrc: files.cyberrisk
Share:
References :
- bsky.app: Two botnets have exploited a zero-day vulnerability in Edimax security cameras for months. The earliest evidence of exploitation was traced back to October of last year, although public proof-of-concept had been available for over a year before that
- gbhackers.com: Edimax Camera RCE Vulnerability Exploited to Spread Mirai Malware
- MSSP feed for Latest: Botnet Attacks Exploiting Edimax IP Camera Zero-Day Ongoing For Nearly One Year
- www.scworld.com: Attacks exploiting Edimax IP camera zero-day ongoing for nearly a year
- bsky.app: Two botnets have exploited a zero-day vulnerability in Edimax security cameras for months. The earliest evidence of exploitation was traced back to October of last year, although public proof-of-concept had been available for over a year before that
Classification:
- HashTags: #Edimax #Mirai #IoT
- Company: Edimax
- Target: Edimax Camera Users
- Attacker: Multiple
- Product: Edimax security cameras
- Feature: Vulnerability
- Malware: Mirai
- Type: Malware
- Severity: Major