CVE-2024-38280 HIGH

CVE-2024-38280: Cleartext Storage in a File or on Disk in Motorola Solutions Vigilant Fixed LPR Coms Box (BCAV1F2-C600)

Vendor Motorola Solutions
Product Vigilant Fixed LPR Coms Box (BCAV1F2-C600)
Weakness CWE-313
Published June 13, 2024
Last update August 2, 2024

CVSS base score

7.0/10
Attack vector Physical
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

An unauthorized user is able to gain access to sensitive data, including credentials, by physically retrieving the hard disk of the product as the data is stored in clear text.

Key dates

02Disclosure timeline

June 13, 2024 CVE published
August 2, 2024 Record updated

Related vulnerabilities

04Related CVE