Avtec CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH Avtec CVE published 2024-08-22

CVE-2024-42418

Avtec Outpost 0810 and Outpost Uploader Utility versions prior to 5.0.0 use a default cryptographic key that can be used to decrypt sensitive information. This vulnerability was disclosed by CISA on August 22, 2024, with a CVSS 3.1 score of 7.5 (HIGH). The issue stems from hardcoded or default cryptographic material that allows network-accessible attackers to decrypt sensitive data without authentication.

HIGH Avtec CVE published 2024-08-22

CVE-2024-39776

Avtec Outpost 0810 stores sensitive information in an insecure location without proper access controls, allowing network-based attackers to access confidential data without authentication. The vulnerability affects Outpost 0810 and Outpost Uploader Utility versions prior to 5.0.0. CISA published this advisory on August 22, 2024 as ICSA-24-235-04.