CVE-2019-25279
Cleartext Password Storage in FaceSentry 6.4.8 Enables Credential Exposure
Publication date: 2026-01-08
Last updated on: 2026-01-08
Assigner: VulnCheck
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| iwt_ltd | facesentry_access_control_system | 6.4.8 |
| iwt_ltd | facesentry_access_control_system | to 6.4.8 (exc) |
| iwt_ltd | facesentry_access_control_system | 5.7.2 |
| iwt_ltd | facesentry_access_control_system | 5.7.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-312 | The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere. |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability involves cleartext storage of sensitive login credentials, which can lead to unauthorized access to the system. This exposure of sensitive information could potentially violate data protection requirements under common standards and regulations such as GDPR and HIPAA, which mandate secure handling and protection of personal and sensitive data. However, specific impacts on compliance are not detailed in the provided resources. [1]
Can you explain this vulnerability to me?
The vulnerability in FaceSentry Access Control System version 6.4.8 involves cleartext storage of credentials used to access the device's web front end. Specifically, sensitive login information is stored unencrypted in the SQLite database file located at /faceGuard/database/FaceSentryWeb.sqlite. This allows attackers to directly read these credentials without needing additional authentication. [1]
How can this vulnerability impact me?
This vulnerability can lead to unauthorized access to the FaceSentry system by exposing sensitive login credentials stored in cleartext. Attackers who gain access to the device's database file can retrieve these credentials and potentially compromise the access control system, undermining security and allowing unauthorized entry or manipulation of access permissions. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking for the presence of the unencrypted credentials stored in the SQLite database file located at /faceGuard/database/FaceSentryWeb.sqlite on the device. On the affected Linux-based system, you can use commands to inspect this file directly. For example, use the sqlite3 command-line tool to open and query the database: `sqlite3 /faceGuard/database/FaceSentryWeb.sqlite "SELECT * FROM users;"` (assuming a users table or similar). Additionally, you can check for the existence of the file with `ls -l /faceGuard/database/FaceSentryWeb.sqlite`. Since the device runs Linux and uses PHP and lighttpd, scanning for this file and inspecting its contents for cleartext credentials can confirm the vulnerability. [1]
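An added defender-side check (not part of this advisory or the vendor's software) that goes one step beyond the `sqlite3` query above: given a read-only copy of the database file, it scans every credential-like column and reports how many rows hold values that are not hash-shaped, without ever returning the credential values. The FaceSentry schema is not documented here, so the table and column names and the sample rows are assumptions, built in memory; the real path is the `/faceGuard/database/FaceSentryWeb.sqlite` file named above.

```python
import re
import sqlite3

# Column names that commonly hold credentials. The FaceSentry schema is not
# documented on the page, so the scan matches by column name (assumption).
CREDENTIAL_COLUMN = re.compile(r"pass(word|wd)?|pwd|secret", re.IGNORECASE)
# Values shaped like modular-crypt-format hashes ($2b$..., $6$..., $argon2id$...)
# or like bare MD5/SHA-1/SHA-256/SHA-512 hex digests count as "hashed".
MCF_HASH = re.compile(r"^\$[0-9a-z-]+\$")
HEX_DIGEST = re.compile(r"^(?:[0-9a-fA-F]{32}|[0-9a-fA-F]{40}|[0-9a-fA-F]{64}|[0-9a-fA-F]{128})$")

def looks_hashed(value):
    """True if the stored value has the shape of a password hash."""
    if not isinstance(value, str):
        return False
    return bool(MCF_HASH.match(value) or HEX_DIGEST.match(value))

def find_cleartext_credentials(conn):
    """Report (table, column, cleartext_row_count) for every credential-like
    column holding values that are not hash-shaped; never returns the values."""
    findings = []
    tables = [r[0] for r in conn.execute(
        "SELECT name FROM sqlite_master WHERE type='table'")]
    for table in tables:
        for col in [r[1] for r in conn.execute(f'PRAGMA table_info("{table}")')]:
            if not CREDENTIAL_COLUMN.search(col):
                continue
            rows = conn.execute(f'SELECT "{col}" FROM "{table}"').fetchall()
            cleartext = sum(1 for (v,) in rows if v and not looks_hashed(v))
            if cleartext:
                findings.append((table, col, cleartext))
    return findings

def build_sample_db():
    """Constructed in-memory stand-in for FaceSentryWeb.sqlite (schema assumed)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, username TEXT, password TEXT)")
    conn.execute("CREATE TABLE audit (id INTEGER, password_hash TEXT, note TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)",
                     [(1, "admin", "Welcome1"), (2, "guard", "Welcome2")])  # cleartext
    conn.executemany("INSERT INTO audit VALUES (?, ?, ?)",
                     [(1, "$2b$12$" + "x" * 53, "bcrypt-shaped"), (2, "a" * 64, "sha256-shaped")])
    return conn

if __name__ == "__main__":
    # On a real device, open the file read-only instead of the constructed sample:
    # conn = sqlite3.connect("file:/faceGuard/database/FaceSentryWeb.sqlite?mode=ro", uri=True)
    for table, col, n in find_cleartext_credentials(build_sample_db()):
        print(f"{table}.{col}: {n} row(s) stored in cleartext")
```

A finding of one or more cleartext rows in a credential column is the condition this CVE describes; a column whose values are all hash-shaped is not flagged.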
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the device and its filesystem to trusted administrators only, especially limiting access to the /faceGuard/database/FaceSentryWeb.sqlite file to prevent unauthorized reading. Network segmentation and firewall rules should be applied to limit access to the device's management interfaces. Since the vulnerability involves cleartext password storage with no vendor patch available, consider disabling or restricting the web front end access if possible. Monitoring and logging access attempts to the device can help detect exploitation attempts. Ultimately, replacing or upgrading the device firmware when a fix becomes available is recommended. [1]