Alt-N Technologies Mdaemon 5.0 through 5.0.6 uses a weak encryption algorithm to store user passwords, which allows local users to crack passwords.
Threat-Mapped Scoring
Score: 0.0
Priority: Unclassified
EPSS
Score: 0.00022
Percentile:
0.04193
CVSS Scoring
CVSS v3.1 Score: 5.5
Severity: MEDIUM
Mapped CWE(s)
-
CWE-326
: Inadequate Encryption Strength
All CAPEC(s)
-
CAPEC-112: Brute Force
-
CAPEC-192: Protocol Analysis
-
CAPEC-20: Encryption Brute Forcing
CAPEC(s) with Mapped TTPs
-
CAPEC-112: Brute Force
Mapped TTPs:
Mapped ATT&CK TTPs
-
T1110
: Brute Force
Kill Chain: credential-access
Malware
APTs Threat Group Associations
Campaigns
- 2016 Ukraine Electric Power Attack
- Operation Dream Job
Affected Products
- cpe:2.3:a:mdaemon:mdaemon:*:*:*:*:*:*:*:*
← Back to Home