PT-2024-31818 · Kastle Systems · Kastle Systems Firmware

Adam Foster

+1

·

Published

2024-09-19

·

Updated

2024-09-30

·

CVE-2024-45862

CVSS v4.0

8.7

High

VectorAV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions Kastle Systems firmware prior to May 1, 2024
Description The issue concerns the storage of machine credentials in cleartext, which may allow an attacker to access sensitive information.
Recommendations For Kastle Systems firmware prior to May 1, 2024, update to a version released after May 1, 2024, to resolve the issue.

Fix

Cleartext Storage of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-312

Related Identifiers

CVE-2024-45862

Affected Products

Kastle Systems Firmware