CVE-2024-7408 Vulnerability Details

  /     /     /  

CVE-2024-7408 Metadata Quick Info

CVE Published: 09/08/2024 | CVE Updated: 09/08/2024 | CVE Year: 2024
Source: CERT-In | Vendor: Airveda | Product: Air Quality Monitor PM2.5 PM10
Status : PUBLISHED

CVE-2024-7408 Description

This vulnerability exists in Airveda Air Quality Monitor PM2.5 PM10 due to transmission of sensitive information in plain text during AP pairing mode. An attacker in close proximity could exploit this vulnerability by capturing Wi-Fi traffic of Airveda-AP. Successful exploitation of this vulnerability could allow the attacker to cause Evil Twin attack on the targeted system.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-319
CWE Name: CWE-319 Cleartext Transmission of Sensitive Information
Source: Airveda

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID: CAPEC-65
CAPEC Description: CAPEC-65 Sniff Application Code


Source: NVD (National Vulnerability Database).

Last added CVEs

▸ CVE-2024-9999 ◂
Discovered: 12/11/2024
Status: PUBLISHED
▸ CVE-2024-9997 ◂
Discovered: 29/10/2024
Status: PUBLISHED
▸ CVE-2024-9996 ◂
Discovered: 29/10/2024
Status: PUBLISHED



Tags:
CVE-2024-7408 Vulnerability Details