Lucene search
IcscertVULNRICHMENT:CVE-2024-38279HistoryJun 13, 2024 - 5:00 p.m.
CVE-2024-38279 Authentication Bypass Using an Alternate Path or Channel in Motorola Solutions Vigilant Fixed LPR Coms Box (BCAV1F2-C600)
2024-06-1317:00:20
CWE-288
icscert
github.com
8
cve-2024-38279
authentication bypass
motorola solutions
vigilant
fixed lpr
coms box
bootloader
file system
password hashes
CVSS4
5.1
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/SC:N/VI:N/SI:N/VA:N/SA:N
AI Score
7.5
Confidence
Low
EPSS
0
Percentile
9.0%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
The affected product is vulnerable to an attacker modifying the bootloader by using custom arguments to bypass authentication and gain access to the file system and obtain password hashes.
CNA Affected
[
{
"vendor": "Motorola Solutions",
"product": "Vigilant Fixed LPR Coms Box (BCAV1F2-C600)",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "3.1.171.9"
}
],
"defaultStatus": "unaffected"
}
]ADP Affected
[
{
"cpes": [
"cpe:2.3:a:motorolasolutions:vigilant_fixed_lpr_coms_box_bcav1f2_c600:3.1.171.9:*:*:*:*:*:*:*"
],
"vendor": "motorolasolutions",
"product": "vigilant_fixed_lpr_coms_box_bcav1f2_c600",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "3.1.171.9"
}
],
"defaultStatus": "unknown"
}
]Related
cvelist
cvelist
nvd
nvd
CVE-2024-38279
2024-06-13 17:15:51
cve
cve
CVE-2024-38279
2024-06-13 17:15:51
ics
ics
Motorola Solutions Vigilant License Plate Readers
2024-06-13 12:00:00
CVSS4
5.1
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/SC:N/VI:N/SI:N/VA:N/SA:N
AI Score
7.5
Confidence
Low
EPSS
0
Percentile
9.0%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-38279