#VU89864 Weak Encoding for Password in CSI Web Server and RTMC Pro - CVE-2024-5434

Cybersecurity Help s.r.o.

Published: 2024-05-29

Vulnerability identifier: #VU89864

Vulnerability risk: Low

CVSSv4.0: 4.6 [CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-5434

CWE-ID: CWE-261

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
CSI Web Server
Server applications / Other server solutions
RTMC Pro
Server applications / Other server solutions

Vendor: Campbell Scientific

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the passwords are stored in a weakly encoded format. A remote attacker on the local network can retrieve the credentials from another user.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

CSI Web Server: 1.6

RTMC Pro: 5.0

External links
http://www.cisa.gov/news-events/ics-advisories/icsa-24-149-01

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Campbell Scientific CSI Web Server and RTMC Pro