CVE-2022-28812

🗓️ 28 Sep 2022 13:45:33Reported by CERTVDEType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 51 Views

Carlo Gavazzi UWP3.0 & CPY Car Park Server versions have hard-coded credentials, allowing remote attacker SuperUser access

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2022-28812	27 Sep 202219:26	–	circl
CNNVD	Carlo Gavazzi UWP 信任管理问题漏洞	28 Sep 202200:00	–	cnnvd
Cvelist	CVE-2022-28812 Use of Hard-coded Credentials in UWP3.0 allows SuperUser authentication bypass in Car Park Server.	28 Sep 202213:45	–	cvelist
EUVD	EUVD-2022-33250	3 Oct 202520:07	–	euvd
NVD	CVE-2022-28812	28 Sep 202214:15	–	nvd
Prion	Hardcoded credentials	28 Sep 202214:15	–	prion
Positive Technologies	PT-2022-19252 · Carlo Gavazzi · Carlo Gavazzi Uwp3.0	27 Sep 202200:00	–	ptsecurity
RedhatCVE	CVE-2022-28812	5 Feb 202520:55	–	redhatcve
Vulnrichment	CVE-2022-28812 Use of Hard-coded Credentials in UWP3.0 allows SuperUser authentication bypass in Car Park Server.	28 Sep 202213:45	–	vulnrichment

NVD

Vulners

Node

gavazziautomation cpy_car_park_serverRange<2.8.3

Node

gavazziautomation uwp_3.0_monitoring_gateway_and_controller_firmwareRange<8.5.0.3

AND

gavazziautomation uwp_3.0_monitoring_gateway_and_controllerMatch-

Node

gavazziautomation uwp_3.0_monitoring_gateway_and_controller_firmwareRange<8.5.0.3edp

AND

gavazziautomation uwp_3.0_monitoring_gateway_and_controllerMatch-edp

Node

gavazziautomation uwp_3.0_monitoring_gateway_and_controller_firmwareRange<8.5.0.3security_enhanced

AND

gavazziautomation uwp_3.0_monitoring_gateway_and_controllerMatch-security_enhanced

[
  {
    "product": "UWP 3.0 Monitoring Gateway and Controller",
    "vendor": "Carlo Gavazzi",
    "versions": [
      {
        "lessThan": "8.5.0.3",
        "status": "affected",
        "version": "8",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "UWP 3.0 Monitoring Gateway and Controller – Security Enhanced",
    "vendor": "Carlo Gavazzi",
    "versions": [
      {
        "lessThan": "8.5.0.3",
        "status": "affected",
        "version": "8",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "UWP 3.0 Monitoring Gateway and Controller – EDP version",
    "vendor": "Carlo Gavazzi",
    "versions": [
      {
        "lessThan": "8.5.0.3",
        "status": "affected",
        "version": "8",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "CPY Car Park Server",
    "vendor": "Carlo Gavazzi",
    "versions": [
      {
        "lessThan": "2.8.3",
        "status": "affected",
        "version": "2",
        "versionType": "custom"
      }
    ]
  }
]