What the vulnerability does

01Description

An Insufficient Entropy issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The application does not utilize sufficiently random number generation for the web interface authentication mechanism, which could allow remote code execution.

Key dates

02Disclosure timeline

October 5, 2017 CVE published
August 5, 2024 Record updated