Cybercriminals actively sell remote access to tens of thousands of unpatched Chinese surveillance cameras on underground forums. The cameras run outdated firmware vulnerable to CVE-2023-XXXXX, a critical flaw disclosed 11 months ago. Attackers exploit this vulnerability to gain unauthenticated remote code execution, allowing them to control camera feeds, access video archives, and pivot into connected networks.
Organizations across multiple sectors remain exposed. The vulnerability affects models from major Chinese manufacturers and spreads across educational institutions, retail operations, and government facilities. Threat actors bundle camera access into packages priced between $50 and $500 per device, depending on network placement and data sensitivity.
Defenders must immediately audit camera inventory and apply available patches. Organizations should isolate cameras on segregated network segments, implement strict access controls, and disable remote management features where possible. Network monitoring should flag suspicious command patterns. The 11-month patch window indicates vendors released fixes, yet mass adoption failed. This gap demonstrates that patching cycles for IoT devices remain dangerously slow across enterprises.