Multiple vulnerabilities in Motorola Solutions Vigilant License Plate Readers

1) Authentication bypass using an alternate path or channel

EUVDB-ID: #VU92103

Risk: Low

CVSSv3.1: 4.2 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C]

CVE-ID: CVE-2024-38279

CWE-ID: CWE-288 - Authentication Bypass Using an Alternate Path or Channel

Exploit availability: No

Description

The vulnerability allows a local attacker to bypass authentication process.

The vulnerability exists due to the authentication bypass using an alternate path or channel. An attacker with physical access can modify the bootloader by using custom arguments to bypass authentication, gain access to the file system and obtain password hashes.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Vigilant Fixed LPR Coms Box (BCAV1F2-C600): 3.1.171.9

External links

http://www.cisa.gov/news-events/ics-advisories/icsa-24-165-19

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Cleartext Storage in a File or on Disk

EUVDB-ID: #VU92106

Risk: Low

CVSSv3.1: 4.2 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C]

CVE-ID: CVE-2024-38280

CWE-ID: CWE-313 - Cleartext Storage in a File or on Disk

Exploit availability: No

Description

The vulnerability allows a local attacker to gain access to potentially sensitive information.

The vulnerability exists due to cleartext storage in a file or on disk. An attacker with physical access can gain unauthorized access to sensitive information on the system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Vigilant Fixed LPR Coms Box (BCAV1F2-C600): 3.1.171.9

External links

http://www.cisa.gov/news-events/ics-advisories/icsa-24-165-19

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Use of hard-coded credentials

EUVDB-ID: #VU92109

Risk: Medium

CVSSv3.1: 7.3 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2024-38281

CWE-ID: CWE-798 - Use of Hard-coded Credentials

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain full access to vulnerable system.

The vulnerability exists due to presence of hard-coded credentials in application code. A remote user on the local network can access the maintenance console using the hard-coded credentials.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Vigilant Fixed LPR Coms Box (BCAV1F2-C600): 3.1.171.9

External links

http://www.cisa.gov/news-events/ics-advisories/icsa-24-165-19

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Insufficiently protected credentials

EUVDB-ID: #VU92110

Risk: Low

CVSSv3.1: 7.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2024-38282

CWE-ID: CWE-522 - Insufficiently Protected Credentials

Exploit availability: No

Description

The vulnerability allows a local user to compromise the target system.

The vulnerability exists due to insufficiently protected credentials. A local user can log into the camera's operating system and change the operations or shutdown the camera.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Vigilant Fixed LPR Coms Box (BCAV1F2-C600): 3.1.171.9

External links

http://www.cisa.gov/news-events/ics-advisories/icsa-24-165-19

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Missing Encryption of Sensitive Data

EUVDB-ID: #VU92111

Risk: Low

CVSSv3.1: 4.2 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C]

CVE-ID: CVE-2024-38283

CWE-ID: CWE-311 - Missing Encryption of Sensitive Data

Exploit availability: No

Description

The vulnerability allows a local attacker to gain access to potentially sensitive information.

The vulnerability exists due to sensitive customer information is stored in the device without encryption. An attacker with physical access can gain unauthorized access to sensitive information on the system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Vigilant Fixed LPR Coms Box (BCAV1F2-C600): 3.1.171.9

External links

http://www.cisa.gov/news-events/ics-advisories/icsa-24-165-19

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Authentication Bypass by Capture-replay

EUVDB-ID: #VU92112

Risk: Medium

CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2024-38284

CWE-ID: CWE-294 - Authentication Bypass by Capture-replay

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to the transmitted data is logged between the device and the backend service. A remote user can use these logs to perform a replay attack to replicate calls.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Vigilant Fixed LPR Coms Box (BCAV1F2-C600): 3.1.171.9

External links

http://www.cisa.gov/news-events/ics-advisories/icsa-24-165-19

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Insufficiently protected credentials

EUVDB-ID: #VU92113

Risk: Low

CVSSv3.1: 4.2 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C]

CVE-ID: CVE-2024-38285

CWE-ID: CWE-522 - Insufficiently Protected Credentials

Exploit availability: No

Description

The vulnerability allows a local attacker to compromise the target system.

The vulnerability exists due to the logs storing credentials are insufficiently protected. An attacker with physical access can use the open source tools and gain access to credentials on the system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Vigilant Fixed LPR Coms Box (BCAV1F2-C600): 3.1.171.9

External links

http://www.cisa.gov/news-events/ics-advisories/icsa-24-165-19

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.