Vulnerability Description
This vulnerability exists in Philips lighting devices due to storage of Wi-Fi credentials in plain text within the device firmware. An attacker with physical access could exploit this by extracting the firmware and analyzing the binary data to obtain the plaintext Wi-Fi credentials stored on the vulnerable device. Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to the Wi-Fi network to which vulnerable device is connected.
Related Weaknesses (CWE)
References
FAQ
What is CVE-2024-9991?
CVE-2024-9991 is a documented vulnerability. This vulnerability exists in Philips lighting devices due to storage of Wi-Fi credentials in plain text within the device firmware. An attacker with physical access could exploit this by extracting th...
How severe is CVE-2024-9991?
CVSS scoring is not yet available for CVE-2024-9991. Check NVD for updates.
Is there a patch for CVE-2024-9991?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.