CVE-2024-45862

Summary

Kastle Systems firmware prior to May 1, 2024, stored machine credentials in cleartext, which may allow an attacker to access sensitive information.

Affected Software

VendorProductVersion RangeStatus
Kastle SystemsAccess Control System0 < May 01, 2024affected

Weaknesses

  • CWE-312: CWE-312 Cleartext Storage of Sensitive Information

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References