CVE-2024-40750 identifies a vulnerability in Linksys Velop Pro 6E mesh Wi-Fi systems, specifically versions MX6200_1.0.8.215731 and 7 1.0.10.215314. The flaw involves the transmission of Wi-Fi passwords in cleartext over the public Internet during the app-based installation process. This means that when users set up their devices using the official app, the Wi-Fi credentials are sent without encryption, exposing them to interception by attackers monitoring the network traffic. The vulnerability is classified under CWE-312, which relates to the cleartext storage or transmission of sensitive information. The CVSS 3.1 base score is 5.3 (medium), reflecting that the attack vector is local (AV:L), requires low privileges (PR:L), and no user interaction (UI:N) is needed. The impact affects confidentiality, integrity, and availability to a limited degree (C:L/I:L/A:L). No patches or fixes have been released at the time of publication, and there are no known exploits in the wild. This vulnerability could allow attackers on the same local network or with access to the communication path to capture Wi-Fi passwords, potentially enabling unauthorized network access and further attacks.

The primary impact of this vulnerability is the exposure of Wi-Fi passwords during device setup, which compromises the confidentiality of network credentials. Attackers who intercept these cleartext transmissions can gain unauthorized access to the victim’s Wi-Fi network, potentially leading to further network intrusion, data theft, or lateral movement within the network. Although the vulnerability requires local network access or the ability to monitor traffic between the device and the app, the risk is significant in environments where network traffic is not adequately segmented or encrypted. The integrity and availability impacts are limited but present, as attackers with network access could disrupt or manipulate network traffic. Organizations relying on Linksys Velop Pro 6E devices may face increased risk of unauthorized access, especially in enterprise or sensitive environments where Wi-Fi security is critical. The lack of patches increases exposure duration, emphasizing the need for interim mitigations.

To mitigate this vulnerability, organizations should avoid using the app-based installation process over untrusted or public networks. Installation should be performed in a secure, isolated network environment where traffic interception is minimized. Network segmentation can limit exposure by isolating device setup traffic from sensitive network segments. Employing VPNs or encrypted tunnels during device setup can help protect credentials from interception. Monitoring network traffic for unusual activity during and after installation can detect potential exploitation attempts. Users should regularly update device firmware and monitor Linksys advisories for patches addressing this issue. If possible, consider alternative setup methods that do not transmit sensitive information in cleartext. Additionally, changing Wi-Fi passwords immediately after installation and restricting administrative access to the devices can reduce risk.