CVE-2023-41096

MEDIUM Year: 2023
CVSS v3 Score
6.1
Medium
Weakness Type
CWE-312
View all →

Vulnerability Description

Missing Encryption of Security Keys vulnerability in Silicon Labs Ember ZNet SDK on 32 bit, ARM (SecureVault High modules) allows potential modification or extraction of network credentials stored in flash. This issue affects Silicon Labs Ember ZNet SDK: 7.3.1 and earlier.

Related Vulnerabilities

CVE-2020-15085

MEDIUM
CVSS:6.1(Medium)

In Saleor Storefront before version 2.10.3, request data used to authenticate customers was inadvertently cached in the browser's local storage mechanism, including credentials. A malicious user with ...

CWE-3122020

CVE-2021-22929

MEDIUM
CVSS:6.1(Medium)

An information disclosure exists in Brave Browser Desktop prior to version 1.28.62, where logged warning messages that included timestamps of connections to V2 onion domains in tor.log.

CWE-3122021

CVE-2021-38150

MEDIUM
CVSS:6.1(Medium)

When an attacker manages to get access to the local memory, or the memory dump of a victim, for example by a social engineering attack, SAP Business Client versions - 7.0, 7.70, will allow him to read...

CWE-3122021

CVE-2020-4095

MEDIUM
CVSS:6.0(Medium)

"BigFix Platform is storing clear text credentials within the system's memory. An attacker who is able to gain administrative privileges can use a program to create a memory dump and extract the crede...

CWE-3122020

CVE-2019-4566

MEDIUM
CVSS:6.2(Medium)

IBM Security Key Lifecycle Manager 3.0 and 3.0.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 166627.

CWE-3122019

CVE-2020-4884

MEDIUM
CVSS:6.2(Medium)

IBM UrbanCode Deploy (UCD) 6.2.7.9, 7.0.5.4, and 7.1.1.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 190908.

CWE-3122020