
CVE-2024-6047: CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in GeoVision GV_DSP_LPR_V2

Severity: Critical
Tags: Vulnerability, CVE-2024-6047, CWE-78
Published: Mon Jun 17 2024 (06/17/2024, 05:48:42 UTC)
Source: CVE
Vendor/Project: GeoVision
Product: GV_DSP_LPR_V2

Description

Certain EOL GeoVision devices fail to properly filter user input for the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device.

AI-Powered Analysis

AI analysis last updated: 10/21/2025, 21:12:18 UTC

Technical Analysis

CVE-2024-6047 is a critical vulnerability classified under CWE-78 (Improper Neutralization of Special Elements used in an OS Command), affecting all versions of the GeoVision GV_DSP_LPR_V2 product, which is an end-of-life (EOL) device used primarily for license plate recognition. The vulnerability arises because the device fails to properly sanitize or filter user-supplied input in a specific functionality, allowing unauthenticated remote attackers to inject arbitrary operating system commands. This flaw enables attackers to execute commands with the privileges of the vulnerable device, potentially leading to full system compromise. The CVSS v3.1 base score is 9.8, reflecting the vulnerability's ease of exploitation (no authentication or user interaction required), and its severe impact on confidentiality, integrity, and availability. The vulnerability is publicly disclosed but currently has no known exploits in the wild. Given the device's EOL status, no official patches are available, increasing the risk for organizations still operating these devices. The vulnerability could be exploited remotely over the network, making it a significant threat vector for attackers aiming to gain unauthorized control over security infrastructure components.

Potential Impact

For European organizations, the impact of CVE-2024-6047 is substantial. GeoVision GV_DSP_LPR_V2 devices are typically deployed in security-sensitive environments such as parking management, law enforcement, and critical infrastructure surveillance. Successful exploitation could lead to unauthorized access to sensitive data, manipulation or disabling of security monitoring functions, and lateral movement within the network. This could result in breaches of personal data protected under GDPR, operational disruptions, and potential physical security risks. The lack of authentication and the ability to execute arbitrary commands remotely amplify the threat, potentially allowing attackers to install malware, exfiltrate data, or disrupt services. The EOL status of the product means no vendor support or patches are forthcoming, forcing organizations to rely on compensating controls. The threat is particularly acute for organizations with direct internet exposure of these devices or insufficient network segmentation, increasing the likelihood of exploitation and subsequent damage.

Mitigation Recommendations

Given the absence of official patches due to the product's EOL status, European organizations should implement immediate compensating controls:

1. Isolate GV_DSP_LPR_V2 devices from public networks by placing them behind firewalls and restricting access to trusted management networks only.
2. Employ strict network segmentation to limit lateral movement if a device is compromised.
3. Disable any unnecessary services or functionalities on the device to reduce the attack surface.
4. Monitor network traffic for unusual command execution patterns or unauthorized access attempts targeting these devices.
5. Where feasible, replace the affected devices with supported, patched alternatives to eliminate the vulnerability entirely.
6. Implement strong logging and alerting mechanisms to detect exploitation attempts early.
7. Conduct regular security audits and vulnerability assessments focusing on legacy devices.
8. Educate security teams about this specific threat to ensure rapid response if exploitation indicators are observed.


Technical Details

Data Version: 5.1
Assigner Short Name: twcert
Date Reserved: 2024-06-17T02:00:24.960Z
CISA Enriched: true
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 682d9819c4522896dcbd89b2

Added to database: 5/21/2025, 9:08:41 AM

Last enriched: 10/21/2025, 9:12:18 PM

Last updated: 11/30/2025, 2:33:35 PM
