CVE-2022-44612

Use of hard-coded credentials in some IntelR UnisonTM software before version 10.12 may allow an authenticated user user to potentially enable information disclosure via local access...

CVE-2022-44612

Use of hard-coded credentials in some IntelR UnisonTM software before version 10.12 may allow an authenticated user user to potentially enable information disclosure via local access...

CVE-2022-44612

CVE-2022-44612 affects Intel® Unison™ software prior to version 10.12. The vulnerability stems from use of hard-coded credentials in affected components, enabling an authenticated user with local access to potentially disclose information. Public sources from Intel and related advisories confirm ...

CVE-2022-44612

Use of hard-coded credentials in some IntelR UnisonTM software before version 10.12 may allow an authenticated user user to potentially enable information disclosure via local access...

Intel Unison Trust Management Issue Vulnerability

Intel Unison is a US-based Intel application used to synchronize various data before PCs and smartphones. A security vulnerability exists in Intel Unison versions prior to 10.12 that stems from the use of hard-coded credentials. An attacker exploiting the vulnerability could gain access to...

PT-2023-14517 · Intel · Intel Unison

Name of the Vulnerable Software and Affected Versions: IntelR UnisonTM versions prior to 10.12 Description: The issue involves the use of hard-coded credentials in some IntelR UnisonTM software, which may allow an authenticated user to potentially enable information disclosure via local access...

CVE-2023-37858 PHOENIX CONTACT: Use of Hard-coded Credentials in WP 6xxx Web panels

In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing to decrypt an encrypted web application login password...

CVE-2023-37857 PHOENIX CONTACT: Use of Hard-coded Credentials in WP 6xxx Web panels

In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing the attacker to create valid session cookies. These session-cookies created by the attacker are not sufficient to...

CVE-2023-37857 PHOENIX CONTACT: Use of Hard-coded Credentials in WP 6xxx Web panels

In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing the attacker to create valid session cookies. These session-cookies created by the attacker are not sufficient to...

CVE-2023-33372

Connected IO v2.1.0 and prior uses a hard-coded username/password pair embedded in their device's firmware used for device communication using MQTT. An attacker who gained access to these credentials is able to connect to the MQTT broker and send messages on behalf of devices, impersonating them...

CVE-2023-33372

Connected IO v2.1.0 and prior uses a hard-coded username/password pair embedded in their device's firmware used for device communication using MQTT. An attacker who gained access to these credentials is able to connect to the MQTT broker and send messages on behalf of devices, impersonating them...

Authentication flaw

Connected IO v2.1.0 and prior uses a hard-coded username/password pair embedded in their device's firmware used for device communication using MQTT. An attacker who gained access to these credentials is able to connect to the MQTT broker and send messages on behalf of devices, impersonating them...

CVE-2023-33372

Connected IO v2.1.0 and prior uses a hard-coded username/password pair embedded in their device's firmware used for device communication using MQTT. An attacker who gained access to these credentials is able to connect to the MQTT broker and send messages on behalf of devices, impersonating them...

Connected IO Trust Management Issues Vulnerability

Connected IO is a leading hardware, software and cloud-based IoT and machine-to-machine solution from US-based Connected IO, Inc. A security vulnerability previously existed in Connected IO version v2.1.0 that stemmed from the use of hard-coded username/password pairs embedded in its device...

CVE-2023-33372

Affected software: Connected IO v2.1.0 and prior. Vulnerability details: uses a hard-coded username/password pair embedded in device firmware for MQTT communication. Impact: an attacker with access to these credentials can connect to the MQTT broker, send messages on behalf of devices, impersonat...

PT-2023-24321 · Unknown · Connected Io

Name of the Vulnerable Software and Affected Versions: Connected IO versions 2.1.0 and prior Description: The issue concerns the use of a hard-coded username/password pair in the device's firmware for communication via MQTT. An attacker gaining access to these credentials can connect to the MQTT...

Moxa AWK-3131A Series Industrial AP/Bridge/Client Use of Hard-Coded Credentials (CVE-2019-5139)

An exploitable use of hard-coded credentials vulnerability exists in multiple iw utilities of the Moxa AWK-3131A firmware version 1.13. The device operating system contains an undocumented encryption password, allowing for the creation of custom diagnostic scripts. This plugin only works with...

Moxa AWK-3131A Hard-coded Administrator Credentials (CVE-2016-8717)

An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system contains an undocumented, privileged root account with hard-coded credentials, giving attackers full control of affected devices. This...

Moxa EDS-G516E and EDS-510E Series Ethernet Switches Use of Hard-Coded Credentials (CVE-2020-6981)

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, an attacker may gain access to the system without proper authentication. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Moxa EDR-G903 series Hard-coded Credentials (CVE-2012-4712)

Moxa EDR-G903 series routers with firmware before 2.11 have a hardcoded account, which allows remote attackers to obtain unspecified device access via unknown vectors. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...