CVE-2024-45494

Name of the Vulnerable Software and Affected Versions: MSA FieldServer Gateway versions 5.0.0 through 6.5.2

Description: An issue was discovered in the FieldServer Gateway, where an internally used shared administrative user account is present on all devices. The authentication for this user is implemented through an unsafe shared secret that is static in all affected firmware versions.

Recommendations: For versions 5.0.0 through 6.5.2, update to version 7.0.0 to resolve the issue. As a temporary workaround, consider restricting access to the shared administrative user account until the update can be applied.