Multiple vulnerabilities in Motorola Solutions Vigilant License Plate Readers
| Risk | Medium |
| Patch available | NO |
| Number of vulnerabilities | 7 |
| CVE-ID | CVE-2024-38279 CVE-2024-38280 CVE-2024-38281 CVE-2024-38282 CVE-2024-38283 CVE-2024-38284 CVE-2024-38285 |
| CWE-ID | CWE-288 CWE-313 CWE-798 CWE-522 CWE-311 CWE-294 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Vigilant Fixed LPR Coms Box (BCAV1F2-C600) Hardware solutions / Firmware |
| Vendor | Motorola |
Security Bulletin
This security bulletin contains information about 7 vulnerabilities.
1) Authentication bypass using an alternate path or channel
EUVDB-ID: #VU92103
Risk: Low
CVSSv3.1: 4.2 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2024-38279
CWE-ID:
CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to bypass authentication process.
The vulnerability exists due to the authentication bypass using an alternate path or channel. An attacker with physical access can modify the bootloader by using custom arguments to bypass authentication, gain access to the file system and obtain password hashes.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsVigilant Fixed LPR Coms Box (BCAV1F2-C600): 3.1.171.9
CPE2.3- cpe:2.3:h:motorola:vigilant_fixed_lpr_coms_box_bcav1f2-c600:*:*:*:*:*:*:*:*
- cpe:2.3:h:motorola:vigilant_fixed_lpr_coms_box_bcav1f2-c600:3.1.171.9:*:*:*:*:*:*:*
http://www.cisa.gov/news-events/ics-advisories/icsa-24-165-19
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Cleartext Storage in a File or on Disk
EUVDB-ID: #VU92106
Risk: Low
CVSSv3.1: 4.2 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2024-38280
CWE-ID:
CWE-313 - Cleartext Storage in a File or on Disk
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain access to potentially sensitive information.
The vulnerability exists due to cleartext storage in a file or on disk. An attacker with physical access can gain unauthorized access to sensitive information on the system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsVigilant Fixed LPR Coms Box (BCAV1F2-C600): 3.1.171.9
CPE2.3- cpe:2.3:h:motorola:vigilant_fixed_lpr_coms_box_bcav1f2-c600:*:*:*:*:*:*:*:*
- cpe:2.3:h:motorola:vigilant_fixed_lpr_coms_box_bcav1f2-c600:3.1.171.9:*:*:*:*:*:*:*
http://www.cisa.gov/news-events/ics-advisories/icsa-24-165-19
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Use of hard-coded credentials
EUVDB-ID: #VU92109
Risk: Medium
CVSSv3.1: 7.3 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2024-38281
CWE-ID:
CWE-798 - Use of Hard-coded Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain full access to vulnerable system.
The vulnerability exists due to presence of hard-coded credentials in application code. A remote user on the local network can access the maintenance console using the hard-coded credentials.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsVigilant Fixed LPR Coms Box (BCAV1F2-C600): 3.1.171.9
CPE2.3- cpe:2.3:h:motorola:vigilant_fixed_lpr_coms_box_bcav1f2-c600:*:*:*:*:*:*:*:*
- cpe:2.3:h:motorola:vigilant_fixed_lpr_coms_box_bcav1f2-c600:3.1.171.9:*:*:*:*:*:*:*
http://www.cisa.gov/news-events/ics-advisories/icsa-24-165-19
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Insufficiently protected credentials
EUVDB-ID: #VU92110
Risk: Low
CVSSv3.1: 7.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2024-38282
CWE-ID:
CWE-522 - Insufficiently Protected Credentials
Exploit availability: No
DescriptionThe vulnerability allows a local user to compromise the target system.
The vulnerability exists due to insufficiently protected credentials. A local user can log into the camera's operating system and change the operations or shutdown the camera.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsVigilant Fixed LPR Coms Box (BCAV1F2-C600): 3.1.171.9
CPE2.3- cpe:2.3:h:motorola:vigilant_fixed_lpr_coms_box_bcav1f2-c600:*:*:*:*:*:*:*:*
- cpe:2.3:h:motorola:vigilant_fixed_lpr_coms_box_bcav1f2-c600:3.1.171.9:*:*:*:*:*:*:*
http://www.cisa.gov/news-events/ics-advisories/icsa-24-165-19
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Missing Encryption of Sensitive Data
EUVDB-ID: #VU92111
Risk: Low
CVSSv3.1: 4.2 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2024-38283
CWE-ID:
CWE-311 - Missing Encryption of Sensitive Data
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain access to potentially sensitive information.
The vulnerability exists due to sensitive customer information is stored in the device without encryption. An attacker with physical access can gain unauthorized access to sensitive information on the system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsVigilant Fixed LPR Coms Box (BCAV1F2-C600): 3.1.171.9
CPE2.3- cpe:2.3:h:motorola:vigilant_fixed_lpr_coms_box_bcav1f2-c600:*:*:*:*:*:*:*:*
- cpe:2.3:h:motorola:vigilant_fixed_lpr_coms_box_bcav1f2-c600:3.1.171.9:*:*:*:*:*:*:*
http://www.cisa.gov/news-events/ics-advisories/icsa-24-165-19
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Authentication Bypass by Capture-replay
EUVDB-ID: #VU92112
Risk: Medium
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2024-38284
CWE-ID:
CWE-294 - Authentication Bypass by Capture-replay
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to the transmitted data is logged between the device and the backend service. A remote user can use these logs to perform a replay attack to replicate calls.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsVigilant Fixed LPR Coms Box (BCAV1F2-C600): 3.1.171.9
CPE2.3- cpe:2.3:h:motorola:vigilant_fixed_lpr_coms_box_bcav1f2-c600:*:*:*:*:*:*:*:*
- cpe:2.3:h:motorola:vigilant_fixed_lpr_coms_box_bcav1f2-c600:3.1.171.9:*:*:*:*:*:*:*
http://www.cisa.gov/news-events/ics-advisories/icsa-24-165-19
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Insufficiently protected credentials
EUVDB-ID: #VU92113
Risk: Low
CVSSv3.1: 4.2 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2024-38285
CWE-ID:
CWE-522 - Insufficiently Protected Credentials
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to compromise the target system.
The vulnerability exists due to the logs storing credentials are insufficiently protected. An attacker with physical access can use the open source tools and gain access to credentials on the system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsVigilant Fixed LPR Coms Box (BCAV1F2-C600): 3.1.171.9
CPE2.3- cpe:2.3:h:motorola:vigilant_fixed_lpr_coms_box_bcav1f2-c600:*:*:*:*:*:*:*:*
- cpe:2.3:h:motorola:vigilant_fixed_lpr_coms_box_bcav1f2-c600:3.1.171.9:*:*:*:*:*:*:*
http://www.cisa.gov/news-events/ics-advisories/icsa-24-165-19
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
