PT-2022-3161 · Emerson · Emerson Deltav

Name of the Vulnerable Software and Affected Versions: Emerson DeltaV versions through 2022-04-29 Description: The issue is related to the misuse of passwords in Emerson DeltaV Distributed Control System DCS controllers and IO cards, allowing an attacker to gain unauthorized access to protected...

PT-2022-3091 · Motorola · Motorola Ace1000 Rtu

Name of the Vulnerable Software and Affected Versions: Motorola ACE1000 RTU versions prior to 2022-05-02 Description: The issue is related to the use of hardcoded credentials in the XRT LAN-to-radio gateway and XNL microcode software of the Motorola ACE1000 RTU. This allows a remote attacker to...

PT-2022-3160 · Emerson · Emerson Deltav Distributed Control System

Name of the Vulnerable Software and Affected Versions: Emerson DeltaV Distributed Control System DCS controllers and IO cards through 2022-04-29 Description: The issue is related to the misuse of passwords and the use of hardcoded credentials in the TELNET service on port 18550, which provides...

PT-2022-3157 · Emerson · Emerson Deltav Distributed Control System

Name of the Vulnerable Software and Affected Versions: Emerson DeltaV Distributed Control System DCS controllers and IO cards through 2022-04-29 Description: The issue is related to the misuse of passwords and the presence of hardcoded credentials in the FTP service of the Emerson DeltaV...

PT-2022-3083 · Honeywell · Honeywell Controledge

Name of the Vulnerable Software and Affected Versions: Honeywell ControlEdge versions through R151.1 Description: The issue is related to the use of hard-coded credentials in the Honeywell ControlEdge programmable logic controllers. This could allow a remote attacker to gain elevated privileges...

PT-2022-3178 · Honeywell +1 · Honeywell Experion Pks Safety Manager +1

Name of the Vulnerable Software and Affected Versions: Honeywell Experion PKS Safety Manager version 5.02 Description: The issue is related to the use of hard-coded credentials in the Honeywell Experion PKS Safety Manager. The affected component is the POLO bootloader. An attacker with access to...

PT-2022-3154 · Bently Nevada · Bently Nevada 3700 Series

Name of the Vulnerable Software and Affected Versions: Bently Nevada 3700 series versions through 2022-04-29 Description: The issue is related to the use of hardcoded credentials in the maintenance interface of the Bently Nevada 3700 series. This interface is accessible on port 4001/TCP. An...

Infiray IRAY-A8Z3 1.0.957 Code Execution / Overflow / Hardcoded Credentials

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Vulnerabilities product: Infiray IRAY-A8Z3 thermal camera vulnerable version: V1.0.957 fixed version: None CVE number: CVE-2022-31208, CVE-2022-31209,...

Infiray IRAY-A8Z3 thermal camera 安全漏洞

The Infiray IRAY-A8Z3 thermal camera is a thermal camera from the Chinese company Infiray. A security vulnerability exists in the Infiray IRAY-A8Z3 thermal camera version 1.0.957, which originates from the use of hard-coded Web credentials, authenticated remote code execution, buffer overflow,...

Hardcoded credentials

All versions of package @discordjs/opus are vulnerable to Denial of Service DoS when trying to encode using an encoder with zero channels, or a non-initialized buffer. This leads to a hard crash...

CVE-2022-31619

A vulnerability has been identified in Teamcenter V12.4 All versions V12.4.0.13, Teamcenter V13.0 All versions V13.0.0.9, Teamcenter V13.1 All versions V13.1.0.9, Teamcenter V13.2 All versions V13.2.0.9, Teamcenter V13.3 All versions V13.3.0.3, Teamcenter V14.0 All versions V14.0.0.2. Java EE...

Hardcoded credentials

A vulnerability has been identified in Teamcenter V12.4 All versions V12.4.0.13, Teamcenter V13.0 All versions V13.0.0.9, Teamcenter V13.1 All versions V13.1.0.9, Teamcenter V13.2 All versions V13.2.0.9, Teamcenter V13.3 All versions V13.3.0.3, Teamcenter V14.0 All versions V14.0.0.2. Java EE...

CVE-2022-31619

A vulnerability has been identified in Teamcenter V12.4 All versions V12.4.0.13, Teamcenter V13.0 All versions V13.0.0.9, Teamcenter V13.1 All versions V13.1.0.9, Teamcenter V13.2 All versions V13.2.0.9, Teamcenter V13.3 All versions V13.3.0.3, Teamcenter V14.0 All versions V14.0.0.2. Java EE...

PT-2022-20874 · Siemens · Teamcenter

Name of the Vulnerable Software and Affected Versions: Teamcenter versions prior to V12.4.0.13 Teamcenter versions prior to V13.0.0.9 Teamcenter versions prior to V13.1.0.9 Teamcenter versions prior to V13.2.0.9 Teamcenter versions prior to V13.3.0.3 Teamcenter versions prior to V14.0.0.2...

Hardcoded credentials

A vulnerability was found in Ucweb UC Browser 11.2.5.932. It has been classified as critical. Affected is an unknown function of the component HTML Handler. The manipulation of the argument title leads to improper restriction of rendered ui layers URL. It is possible to launch the attack remotely...

Hardcoded credentials

Rakuten Casa version APFV141 or APFV200 uses a hard-coded credential which may allow a remote unauthenticated attacker to log in with the root privilege and perform an arbitrary operation...

Update now! Patch against vulnerabilities in Meeting Owl Pro and Whiteboard Owl devices

After a decent amount of pressure, Owl Labs has finally released updates for vulnerabilities in Meeting Owl, and Whiteboard Owl cameras. The vulnerabilities were reported to Owl Labs in January, One of the vulnerabilities, CVE-2022-31460 has been added to the Known exploited vulnerabilities catal...

Hardcoded credentials

An issue was discovered in the IGEL Universal Management Suite UMS 6.07.100. A hardcoded DES key in the PrefDBCredentials class allows an attacker, who has discovered encrypted superuser credentials, to decrypt those credentials using a static 8-byte DES key...

Hardcoded credentials

An issue was discovered in the IGEL Universal Management Suite UMS 6.07.100. A hardcoded DES key in the LDAPDesPWEncrypter class allows an attacker, who has discovered encrypted LDAP bind credentials, to decrypt those credentials using a static 8-byte DES key...

Hardcoded credentials

Hardcoded admin token in SoundBar apps in Linkplay SDK 1.00 allows remote attackers to gain admin privilege access in linkplay antifactory...