Lucene search
IcscertCVELIST:CVE-2024-38279HistoryJun 13, 2024 - 5:00 p.m.
CVE-2024-38279 Authentication Bypass Using an Alternate Path or Channel in Motorola Solutions Vigilant Fixed LPR Coms Box (BCAV1F2-C600)
2024-06-1317:00:20
CWE-288
icscert
www.cve.org
2
motorola solutions
vulnerability
authentication bypass
bootloader modification
file system access
password hashes
5.1 Medium
CVSS4
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/SC:N/VI:N/SI:N/VA:N/SA:N
0.0004 Low
EPSS
Percentile
9.1%
The affected product is vulnerable to an attacker modifying the bootloader by using custom arguments to bypass authentication and gain access to the file system and obtain password hashes.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Vigilant Fixed LPR Coms Box (BCAV1F2-C600)",
"vendor": "Motorola Solutions",
"versions": [
{
"lessThanOrEqual": "3.1.171.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
vulnrichment
vulnrichment
nvd
nvd
CVE-2024-38279
2024-06-13 17:15:51
cve
cve
CVE-2024-38279
2024-06-13 17:15:51
ics
ics
Motorola Solutions Vigilant License Plate Readers
2024-06-13 12:00:00
5.1 Medium
CVSS4
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/SC:N/VI:N/SI:N/VA:N/SA:N
0.0004 Low
EPSS
Percentile
9.1%
Related for CVELIST:CVE-2024-38279