Main Vulnerability Database Vulnerabilities #VU97762

#VU97762 Unprotected storage of credentials in Smart-tab - CVE-2024-42496

Published: September 30, 2024

Vulnerability identifier: #VU97762

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2024-42496

CWE-ID: CWE-256

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Smart-tab

Software vendor:
Techno Support Company

Description

The vulnerability allows a local attacker to gain access to sensitive information.

The vulnerability exists due to application stored credentials in plain text in a configuration file on the system. An attacer with physical access can retrieve the credential information and spoof the device to access the related external service.

Remediation

Install updates from vendor's website.

External links

https://jvn.jp/en/jp/JVN42445661/index.html

#VU97762 Unprotected storage of credentials in Smart-tab - CVE-2024-42496

Description

Remediation

External links

Please verify you're human