CVE-2024-7408
MEDIUMAirveda PM2.5 PM10 Monitor Firmware < 7.4.4.39 - Cleartext Transmission of Sensitive Information during AP Pairing
Title source: llmDescription
This vulnerability exists in Airveda Air Quality Monitor PM2.5 PM10 due to transmission of sensitive information in plain text during AP pairing mode. An attacker in close proximity could exploit this vulnerability by capturing Wi-Fi traffic of Airveda-AP. Successful exploitation of this vulnerability could allow the attacker to cause Evil Twin attack on the targeted system.
References (1)
Core 1
Core References
Third Party Advisory third-party-advisory
https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0233
Scores
CVSS v3
6.5
EPSS
0.0026
EPSS Percentile
16.6%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-319
Status
published
Products (1)
airveda/pm2.5_pm10_monitor_firmware
< 7.4.4.39
Published
Aug 12, 2024
Tracked Since
Feb 18, 2026