Vulnerability Description
An unauthorized user is able to gain access to sensitive data, including credentials, by physically retrieving the hard disk of the product as the data is stored in clear text.
CVSS Score
4.6
MEDIUM
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Motorola | Vigilant Fixed Lpr Coms Box Firmware | <= 3.1.171.9 |
| Motorola | Vigilant Fixed Lpr Coms Box | - |
Related Weaknesses (CWE)
References
- https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-19Third Party AdvisoryUS Government Resource
- https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-19Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2024-38280?
CVE-2024-38280 is a vulnerability with a CVSS score of 4.6 (MEDIUM). An unauthorized user is able to gain access to sensitive data, including credentials, by physically retrieving the hard disk of the product as the data is stored in clear text.
How severe is CVE-2024-38280?
CVE-2024-38280 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-38280?
Check the references section above for vendor advisories and patch information. Affected products include: Motorola Vigilant Fixed Lpr Coms Box Firmware, Motorola Vigilant Fixed Lpr Coms Box.