Sensitive Information Exposure Risk Due to Cleartext Credentials Storage
CVE-2024-6785

7.1HIGH

Key Information:

Vendor: Moxa
Status: Mxview One Series; Mxview One Central Manager Series
Vendor: CVE Published:; 21 September 2024

What is CVE-2024-6785?

A vulnerability in the Moxa MXView and MXView One Central Manager series allows for credential storage in cleartext within the configuration file. This may enable an attacker with local access rights to read or modify the configuration file. The implications of this vulnerability could lead to the exposure of sensitive information and potential misuse of the service, threatening the overall security posture of affected systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

MXview One Central Manager Series 0 < 1.0.0

MXview One Series 0 < 1.3.0

References

https://www.moxa.com/en/support/product-support/security-...

vendor-advisory

https://www.cisa.gov/news-events/ics-advisories/icsa-24-2...

third-party-advisory

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 21, 2024
Vulnerability Reserved
Jul 16, 2024

Credit

Noam Moshe of Claroty Research - Team82

JSON

Moxa

What is CVE-2024-6785?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.