What is the severity of CVE-2024-6785?

CVE-2024-6785 is considered a high severity vulnerability due to the potential for sensitive information exposure.

How do I fix CVE-2024-6785?

To fix CVE-2024-6785, ensure that the configuration file does not store sensitive credentials in cleartext and implement proper encryption methods.

What types of systems are affected by CVE-2024-6785?

CVE-2024-6785 affects Moxa MXView One and MXView One Central Manager software, particularly versions up to 1.4.1 and exactly 1.0.0 respectively.

What potential risks are associated with CVE-2024-6785?

The risks associated with CVE-2024-6785 include unauthorized local access, modification of configuration files, and abuse of services leading to exposure of sensitive information.

Who can exploit CVE-2024-6785?

An attacker with local access rights can exploit CVE-2024-6785 to read or modify the vulnerable configuration files.

Vulnerability/
CVE-2024-6785

high

7.1

CWE

313 312

21/9/2024

27/9/2024

CVE-2024-6785: MXview One and MXview One Central Manager Series store cleartext credentials in a local file

First published: Sat Sep 21 2024(Updated: )

The configuration file stores credentials in cleartext. An attacker with local access rights can read or modify the configuration file, potentially resulting in the service being abused due to sensitive information exposure.

Credit: psirt@moxa.com

Affected Software	Affected Version	How to fix
Moxa MXview One Series	<1.4.1
Moxa MXview One Series	=1.0.0

Remedy

Moxa has developed appropriate solutions to address vulnerability. The solutions for affected products are listed below. * MXview One Series: Upgrade to the 1.4.1 version * MXview One Central Manager Series: Upgrade to the 1.0.3 version

Remedy

https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240735-multiple-vulnerabilities-in-mxview-one-and-mxview-one-central-manager-series

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-6785?
CVE-2024-6785 is considered a high severity vulnerability due to the potential for sensitive information exposure.
How do I fix CVE-2024-6785?
To fix CVE-2024-6785, ensure that the configuration file does not store sensitive credentials in cleartext and implement proper encryption methods.
What types of systems are affected by CVE-2024-6785?
CVE-2024-6785 affects Moxa MXView One and MXView One Central Manager software, particularly versions up to 1.4.1 and exactly 1.0.0 respectively.
What potential risks are associated with CVE-2024-6785?
The risks associated with CVE-2024-6785 include unauthorized local access, modification of configuration files, and abuse of services leading to exposure of sensitive information.
Who can exploit CVE-2024-6785?
An attacker with local access rights can exploit CVE-2024-6785 to read or modify the vulnerable configuration files.

agent/type
agent/first-publish-date
agent/description
agent/author
agent/event
agent/title
agent/references
agent/severity
agent/last-modified-date
agent/remedy
agent/weakness
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/source
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/moxa
canonical/moxa mxview one series
version/moxa mxview one series/1.0.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.