CVE-2024-42418

Avtec Outpost uses a default cryptographic key that can be used to decrypt sensitive information.
References
Link Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-24-235-04 Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

cpe:2.3:a:avtecinc:outpost_uploader_utility:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:avtecinc:outpost_0810_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:avtecinc:outpost_0810:-:*:*:*:*:*:*:*

History

04 Sep 2024, 18:22

Type Values Removed Values Added
First Time Avtecinc outpost 0810
Avtecinc
Avtecinc outpost 0810 Firmware
Avtecinc outpost Uploader Utility
CPE cpe:2.3:a:avtecinc:outpost_uploader_utility:*:*:*:*:*:*:*:*
cpe:2.3:o:avtecinc:outpost_0810_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:avtecinc:outpost_0810:-:*:*:*:*:*:*:*
References () https://www.cisa.gov/news-events/ics-advisories/icsa-24-235-04 - () https://www.cisa.gov/news-events/ics-advisories/icsa-24-235-04 - Third Party Advisory, US Government Resource

23 Aug 2024, 16:18

Type Values Removed Values Added
Summary
  • (es) Avtec Outpost utiliza una clave criptográfica predeterminada que se puede utilizar para descifrar información confidencial.

22 Aug 2024, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-22 20:15

Updated : 2024-09-04 18:22


NVD link : CVE-2024-42418

Mitre link : CVE-2024-42418

CVE.ORG link : CVE-2024-42418


JSON object : View

Products Affected

avtecinc

  • outpost_0810
  • outpost_0810_firmware
  • outpost_uploader_utility
CWE
CWE-321

Use of Hard-coded Cryptographic Key