Lucene search
IcscertCVE-2024-38279HistoryJun 13, 2024 - 5:15 p.m.
CVE-2024-38279
2024-06-1317:15:51
CWE-288
icscert
web.nvd.nist.gov
22
cve-2024-38279
motorola solutions
authentication bypass
file system access
password hashes
CVSS4
5.1
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/SC:N/VI:N/SI:N/VA:N/SA:N
AI Score
7.1
Confidence
Low
EPSS
0
Percentile
9.0%
The affected product is vulnerable to an attacker modifying the bootloader by using custom arguments to bypass authentication and gain access to the file system and obtain password hashes.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Vigilant Fixed LPR Coms Box (BCAV1F2-C600)",
"vendor": "Motorola Solutions",
"versions": [
{
"lessThanOrEqual": "3.1.171.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
cvelist
cvelist
nvd
nvd
CVE-2024-38279
2024-06-13 17:15:51
vulnrichment
vulnrichment
ics
ics
Motorola Solutions Vigilant License Plate Readers
2024-06-13 12:00:00
CVSS4
5.1
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/SC:N/VI:N/SI:N/VA:N/SA:N
AI Score
7.1
Confidence
Low
EPSS
0
Percentile
9.0%
Related for CVE-2024-38279