CVE-2024-3082

MEDIUM EPSS 1.8%

Published Jul 31, 20241y ago · Modified Jun 17, 20261w ago

4.6 CVSS 3.1

Medium

Published Jul 31, 2024 1y ago

Last Modified Jun 17, 2026 1w ago

Description

A “CWE-256: Plaintext Storage of a Password” affecting the administrative account allows an attacker with physical access to the machine to retrieve the password in cleartext unless specific security measures at other layers (e.g., full-disk encryption) have been enabled.

CVSS Details

Base Score

4.6

Exploitability

0.9

Impact

3.6

Vector string

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector Physical

Attack Complexity Low

Privileges Required None

User Interaction None

Scope Unchanged

Confidentiality High

Integrity None

Availability None

Threat Intelligence

EPSS Exploit Probability

1.8% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 2

CWE-256

CWE-522

Affected Products 2

Vendor	Product	Version	Range
proges	sensor_net_connect_firmware_v2	2.24	any
proges	sensor_net_connect_v2	*	any

References 1

nozominetworks.com https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-3082

Third Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.