CVE-2024-34542 MEDIUM

CVE-2024-34542: Advantech ADAM-5630 Weak Encoding for Password

Vendor Advantech
Product ADAM-5630
Weakness CWE-261
Published September 27, 2024
Last update September 27, 2024

CVSS base score

5.7/10
Attack vector Adjacent
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

Advantech ADAM-5630 shares user credentials plain text between the device and the user source device during the login process.

Key dates

02Disclosure timeline

September 27, 2024 CVE published
September 27, 2024 Record updated