CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38280 – Cleartext Storage in a File or on Disk in Motorola Solutions Vigilant Fixed LPR Coms Box (BCAV1F2-C600)
https://notcve.org/view.php?id=CVE-2024-38280
An unauthorized user is able to gain access to sensitive data, including credentials, by physically retrieving the hard disk of the product as the data is stored in clear text. Un usuario no autorizado puede obtener acceso a datos confidenciales, incluidas las credenciales, recuperando físicamente el disco duro del producto, ya que los datos se almacenan en texto plano. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-19 • CWE-313: Cleartext Storage in a File or on Disk •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38279 – Authentication Bypass Using an Alternate Path or Channel in Motorola Solutions Vigilant Fixed LPR Coms Box (BCAV1F2-C600)
https://notcve.org/view.php?id=CVE-2024-38279
The affected product is vulnerable to an attacker modifying the bootloader by using custom arguments to bypass authentication and gain access to the file system and obtain password hashes. El producto afectado es vulnerable a que un atacante modifique el gestor de arranque mediante el uso de argumentos personalizados para eludir la autenticación y obtener acceso al sistema de archivos y obtener hashes de contraseña. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-19 • CWE-288: Authentication Bypass Using an Alternate Path or Channel •