What is CVE-2024-6785?

CVE-2024-6785 is a medium-severity vulnerability in Moxa Mxview One Central Manager Series, classified under Cleartext Storage in a File or on Disk. CVSS score: 5.5/10. Published 2024-09-21.

How severe is CVE-2024-6785?

Medium severity. CVSS v3 base score is 5.5 out of 10.

Is CVE-2024-6785 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Moxa Mxview One Central Manager Series

CVE-2024-6785

The configuration file stores credentials in cleartext. An attacker with local access rights can read or modify the configuration file, potentially resulting in the service being abused due to sensitive information exposure.

EPSS: 0.001 (22.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.5 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.

Affected products

Moxa Mxview One Central Manager Series — versions 0
Moxa Mxview One Series — versions 0

Weakness classification (CWE)

CWE-313 — Cleartext Storage in a File or on Disk

Public proof-of-concept exploits

fkie-cad/nvd-json-data-feeds

References

www.moxa.com/en/support/product-support/security-advisory/mpsa-240735-multiple-… (vendor-advisory)
www.cisa.gov/news-events/ics-advisories/icsa-24-268-05 (third-party-advisory)

Frequently asked questions

What is CVE-2024-6785?: CVE-2024-6785 is a medium-severity vulnerability in Moxa Mxview One Central Manager Series, classified under Cleartext Storage in a File or on Disk. CVSS score: 5.5/10. Published 2024-09-21.
How severe is CVE-2024-6785?: Medium severity. CVSS v3 base score is 5.5 out of 10.
Is CVE-2024-6785 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.