#VU92113 Insufficiently protected credentials in Vigilant Fixed LPR Coms Box (BCAV1F2-C600) - CVE-2024-38285
Published: June 14, 2024
Vulnerability identifier: #VU92113
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-38285
CWE-ID: CWE-522
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Vigilant Fixed LPR Coms Box (BCAV1F2-C600)
Vigilant Fixed LPR Coms Box (BCAV1F2-C600)
Software vendor:
Motorola
Motorola
Description
The vulnerability allows a local attacker to compromise the target system.
The vulnerability exists due to the logs storing credentials are insufficiently protected. An attacker with physical access can use the open source tools and gain access to credentials on the system.
Remediation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.