CVE-2024-55027
Published: 03 March 2026
Summary
CVE-2024-55027 is a high-severity Cleartext Storage of Sensitive Information (CWE-312) vulnerability in Weintek Easyweb. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Credentials In Files (T1552.001); ranked at the 1.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 IA-5 (Authenticator Management) and SC-28 (Protection of Information at Rest).
Deeper analysis
CVE-2024-55027 affects Weintek cMT-3072XH2 devices running easyweb v2.1.53 and OS v20231011. The vulnerability involves the storage of credentials in plaintext within the uac_temp.db component, as identified by CWEs-312 (Cleartext Storage of Sensitive Information) and CWE-798 (Use of Hard-coded Credentials). It has a CVSS v3.1 base score of 7.5, reflecting high confidentiality impact with network accessibility, low attack complexity, no privileges or user interaction required, and unchanged scope.
Unauthenticated remote attackers can exploit this vulnerability over the network with low complexity and no user interaction. Successful exploitation allows attackers to access the uac_temp.db component and extract sensitive credentials stored in plaintext, potentially enabling further unauthorized access to the device or related systems.
Advisories detailing the issue are available at https://gist.github.com/AenganZ/f86ed0da28825a1432ec697f484622de and https://plain-trick-71d.notion.site/weintek-cMT-3072XH2-14687a89c4c181eeb21ad61e0392f34b?pvs=4. The CVE was published on 2026-03-03T20:16:41.893.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-55466
Vulnerability details
Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to stroe credentials in plaintext in the component uac_temp.db.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Vulnerability is cleartext credential storage in a file (uac_temp.db), directly enabling T1552.001 for credential access.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly requires cryptographic or equivalent protection for sensitive information (credentials) stored at rest in uac_temp.db, eliminating the plaintext exposure described in CWE-312.
Mandates secure generation, storage, and protection of authenticators so they are never maintained in plaintext or hard-coded form as noted in CWE-798.
Enforces access control mechanisms that would restrict unauthenticated network retrieval of the credential database even if plaintext storage occurs.