GreyNoise Observes 3X Surge in Exploitation Attempts Against TVT DVRs — Likely Mirai
ATT&CK techniques detected
T1190Exploit Public-Facing Application
51%
"states, united kingdom, and germany. greynoise observations on march 31, 2025, greynoise observed the beginning of a surge in unique ip addresses attempting to exploit the nvms9000 dvr. the number of ips peaked at over 2, 500 on april 3, with over 6, 600 ips attempting to exploit…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
32%
"##s ) - germany ( 5, 713 ips ). mitigations organizations using the nvms9000 dvr or similar systems should ensure that they are properly secured. recommended actions include : - use greynoise to block known malicious ip addresses attempting to exploit this vulnerability. - apply …"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
GreyNoise has observed a significant spike in exploitation attempts against TVT NVMS9000 DVRs. This information disclosure vulnerability can be used to gain administrative control over affected systems.