CVE-2024-0556

MEDIUM Year: 2024
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-261
View all →

Vulnerability Description

A Weak Cryptography for Passwords vulnerability has been detected on WIC200 affecting version 1.1. This vulnerability allows a remote user to intercept the traffic and retrieve the credentials from another user and decode it in base64 allowing the attacker to see the credentials in plain text.

Related Vulnerabilities

CVE-2025-26401

MEDIUM
CVSS:6.5(Medium)

Weak encoding for password vulnerability exists in HMI ViewJet C-more series. If this vulnerability is exploited, authentication information may be obtained by a local authenticated attacker.

CWE-2612025

CVE-2023-43776

MEDIUM
CVSS:6.6(Medium)

Eaton easyE4 PLC offers a device password protection functionality to facilitate a secure connection and prevent unauthorized access. It was observed that the device password was stored with a weak en...

CWE-2612023

CVE-2020-10919

MEDIUM
CVSS:5.9(Medium)

This vulnerability allows remote attackers to disclose sensitive information on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not required to ex...

CWE-2612020

CVE-2024-8455

MEDIUM
CVSS:5.9(Medium)

The swctrl service is used to detect and remotely manage PLANET Technology devices. For certain switch models, the authentication tokens used during communication with this service are encoded user pa...

CWE-2612024

CVE-2024-23492

MEDIUM
CVSS:5.7(Medium)

A weak encoding is used to transmit credentials for WS203VICM.

CWE-2612024

CVE-2024-34542

MEDIUM
CVSS:5.7(Medium)

Advantech ADAM-5630 shares user credentials plain text between the device and the user source device during the login process.

CWE-2612024