This marks one of the first instances where threat detection has been augmented by AI to discover zero-day vulnerabilities, representing a groundbreaking advancement in cybersecurity and setting a new benchmark for how technology can accelerate threat detection and resolution.

"This isn't about the specific software or how many people use it — it's about how AI helped us catch a zero-day exploit we might have missed otherwise," said Andrew Morris, Founder and Chief Architect at GreyNoise Intelligence. "We caught it before it could be widely exploited, reported it, and got it patched. The attacker put a lot of effort into developing and automating this exploit, and they hit our sensors. Today it's a camera, but tomorrow it could be a zero-day in critical enterprise software. This discovery proves that AI is becoming essential for detecting and stopping sophisticated threats at scale."

The vulnerabilities, tracked as CVE-2024-8956 and CVE-2024-8957, impact NDI-enabled pan-tilt-zoom (PTZ) cameras from several manufacturers, including PTZOptics, Multicam Systems SAS, and SMTAV Corporation. These cameras, reportedly used in sensitive environments like business conferences, telehealth sessions, and government settings, potentially represent an attractive target for malicious actors looking to compromise video feeds or use the devices as a point of entry into broader network infrastructure.

GreyNoise partnered with VulnCheck to responsibly disclose these vulnerabilities, working closely with affected manufacturers to ensure swift remediation. Firmware updates have been released by PTZOptics to address the issues, and GreyNoise strongly recommends all users update their devices immediately to prevent exploitation.

GreyNoise empowers the security teams of enterprises and global governments to act with speed and confidence by providing real-time, verifiable perimeter-based threat intelligence. This allows security teams to reduce noise in security operations, perform in-depth threat hunting campaigns, and focus on the most critical threats to their networks. Our patented sensor technology enables us to observe and analyze unique threat data at-scale that no one else can. We provide the most actionable threat intelligence against mass internet scanning and exploitation, so that no attack works twice.

