CVE-2014-2379

Published: Sep 5, 2014Modified: May 6, 2026

5.4

Vector

AV:A/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 5.5 / Impact: 6.4

Source: NVD

Description

Sensys Networks VSN240-F and VSN240-T sensors VDS before 2.10.1 and TrafficDOT before 2.10.3 do not use encryption, which allows remote attackers to interfere with traffic control by replaying transmissions on a wireless network.

Affected (11)

Products: Sensysnetworks: Trafficdot, Vds, Vsn240 F, Vsn240 T

4 products

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Sensysnetworks Trafficdot	Up to 2.10.2
Sensysnetworks Trafficdot	Version 2.10.0
Sensysnetworks Trafficdot	Version 2.10.1
Sensysnetworks Trafficdot	Version 2.8.3

Configuration B

7 vulnerable

Vulnerable Software	Affected Versions
Sensysnetworks Vds	Up to 2.10.0
Sensysnetworks Vds	Version 1.8.5
Sensysnetworks Vds	Version 1.8.7
Sensysnetworks Vds	Version 2.6.3
Sensysnetworks Vds	Version 2.6.4
Sensysnetworks Vsn240 F	All versions
Sensysnetworks Vsn240 T	All versions

Related CWEs

CWE-310

CWE-311

Missing Encryption of Sensitive Data

The product does not encrypt sensitive or critical information before storage or transmission.

References (4)

http://www.sensysnetworks.com/distributors/

Source: ics-cert@hq.dhs.gov

http://www.sensysnetworks.com/resources-by-category/#sw

Source: ics-cert@hq.dhs.gov

https://www.cisa.gov/news-events/ics-advisories/icsa-14-247-01a

Source: ics-cert@hq.dhs.gov

https://ics-cert.us-cert.gov/advisories/ICSA-14-247-01

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

Timeline

No history available yet.