CVE-2024-38280

MEDIUM

Motorola Vigilant Fixed LPR COMS Box Firmware <= 3.1.171.9 - Cleartext Credential Storage

Title source: llm

Description

An unauthorized user is able to gain access to sensitive data, including credentials, by physically retrieving the hard disk of the product as the data is stored in clear text.

References (1)

[Third Party Advisory, US Government Resource] https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-19

Scores

CVSS v3 4.6

EPSS 0.0009

EPSS Percentile 24.7%

Attack Vector PHYSICAL

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-312 CWE-313

Status published

Products (1)

motorola/vigilant_fixed_lpr_coms_box_firmware < 3.1.171.9

Published Jun 13, 2024

Tracked Since Feb 18, 2026