CVE-2022-28812 - OpenCVE

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of hard-coded credentials to gain SuperUser access to the device.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Gavazziautomation	Cpy Car Park Server Uwp 3.0 Monitoring Gateway And Controller Uwp 3.0 Monitoring Gateway And Controller Firmware

Configuration 1 [-]

cpe:2.3:a:gavazziautomation:cpy_car_park_server:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:gavazziautomation:uwp_3.0_monitoring_gateway_and_controller_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gavazziautomation:uwp_3.0_monitoring_gateway_and_controller:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:gavazziautomation:uwp_3.0_monitoring_gateway_and_controller_firmware:*:*:edp:*:*:*:*:*

cpe:2.3:h:gavazziautomation:uwp_3.0_monitoring_gateway_and_controller:-:*:edp:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:gavazziautomation:uwp_3.0_monitoring_gateway_and_controller_firmware:*:*:security_enhanced:*:*:*:*:*

cpe:2.3:h:gavazziautomation:uwp_3.0_monitoring_gateway_and_controller:-:*:security_enhanced:*:*:*:*:*

No data.

References

Link	Providers
https://cert.vde.com/en/advisories/VDE-2022-029/

History

No history.

MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published: 2022-09-28T13:45:33

Updated: 2024-08-03T06:03:53.089Z

Reserved: 2022-04-08T00:00:00

Link: CVE-2022-28812

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-09-28T14:15:10.420

Modified: 2022-09-30T02:10:52.977

Link: CVE-2022-28812

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "UWP 3.0 Monitoring Gateway and Controller", "vendor": "Carlo Gavazzi", "versions": [{"lessThan": "8.5.0.3", "status": "affected", "version": "8", "versionType": "custom"}]}, {"product": "UWP 3.0 Monitoring Gateway and Controller \u2013 Security Enhanced", "vendor": "Carlo Gavazzi", "versions": [{"lessThan": "8.5.0.3", "status": "affected", "version": "8", "versionType": "custom"}]}, {"product": "UWP 3.0 Monitoring Gateway and Controller \u2013 EDP version", "vendor": "Carlo Gavazzi", "versions": [{"lessThan": "8.5.0.3", "status": "affected", "version": "8", "versionType": "custom"}]}, {"product": "CPY Car Park Server", "vendor": "Carlo Gavazzi", "versions": [{"lessThan": "2.8.3", "status": "affected", "version": "2", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Vera Mens from Claroty Research"}], "descriptions": [{"lang": "en", "value": "In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of hard-coded credentials to gain SuperUser access to the device."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-798", "description": "CWE-798 Use of Hard-coded Credentials", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-09-28T13:45:33", "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://cert.vde.com/en/advisories/VDE-2022-029/"}], "source": {"advisory": "VDE-2022-029", "discovery": "EXTERNAL"}, "title": "Use of Hard-coded Credentials in UWP3.0 allows SuperUser authentication bypass in Car Park Server.", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "info@cert.vde.com", "ID": "CVE-2022-28812", "STATE": "PUBLIC", "TITLE": "Use of Hard-coded Credentials in UWP3.0 allows SuperUser authentication bypass in Car Park Server."}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "UWP 3.0 Monitoring Gateway and Controller", "version": {"version_data": [{"version_affected": "<", "version_name": "8", "version_value": "8.5.0.3"}]}}, {"product_name": "UWP 3.0 Monitoring Gateway and Controller \u2013 Security Enhanced", "version": {"version_data": [{"version_affected": "<", "version_name": "8", "version_value": "8.5.0.3"}]}}, {"product_name": "UWP 3.0 Monitoring Gateway and Controller \u2013 EDP version", "version": {"version_data": [{"version_affected": "<", "version_name": "8", "version_value": "8.5.0.3"}]}}, {"product_name": "CPY Car Park Server", "version": {"version_data": [{"version_affected": "<", "version_name": "2", "version_value": "2.8.3"}]}}]}, "vendor_name": "Carlo Gavazzi"}]}}, "credit": [{"lang": "eng", "value": "Vera Mens from Claroty Research"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of hard-coded credentials to gain SuperUser access to the device."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-798 Use of Hard-coded Credentials"}]}]}, "references": {"reference_data": [{"name": "https://cert.vde.com/en/advisories/VDE-2022-029/", "refsource": "CONFIRM", "url": "https://cert.vde.com/en/advisories/VDE-2022-029/"}]}, "source": {"advisory": "VDE-2022-029", "discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T06:03:53.089Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://cert.vde.com/en/advisories/VDE-2022-029/"}]}]}, "cveMetadata": {"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "assignerShortName": "CERTVDE", "cveId": "CVE-2022-28812", "datePublished": "2022-09-28T13:45:33", "dateReserved": "2022-04-08T00:00:00", "dateUpdated": "2024-08-03T06:03:53.089Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gavazziautomation:cpy_car_park_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "6E670508-7A94-4A01-9C2B-51E82D5A861F", "versionEndExcluding": "2.8.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:gavazziautomation:uwp_3.0_monitoring_gateway_and_controller_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "14B2D9AB-2D19-4AD6-A049-CDB6814CC8D0", "versionEndExcluding": "8.5.0.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:gavazziautomation:uwp_3.0_monitoring_gateway_and_controller:-:*:*:*:*:*:*:*", "matchCriteriaId": "90DBF492-5F3A-4F53-ACFC-59F89470D632", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:gavazziautomation:uwp_3.0_monitoring_gateway_and_controller_firmware:*:*:edp:*:*:*:*:*", "matchCriteriaId": "5BFC1445-995C-44F7-BE85-E0C1D462573E", "versionEndExcluding": "8.5.0.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:gavazziautomation:uwp_3.0_monitoring_gateway_and_controller:-:*:edp:*:*:*:*:*", "matchCriteriaId": "C7900CB8-560F-4DD7-82B9-8226A8F5F5CC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:gavazziautomation:uwp_3.0_monitoring_gateway_and_controller_firmware:*:*:security_enhanced:*:*:*:*:*", "matchCriteriaId": "F6584CB1-FA0B-468D-AA58-F2D2F33763AA", "versionEndExcluding": "8.5.0.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:gavazziautomation:uwp_3.0_monitoring_gateway_and_controller:-:*:security_enhanced:*:*:*:*:*", "matchCriteriaId": "B29F6465-3533-4B50-B436-4DC4E6F1B361", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of hard-coded credentials to gain SuperUser access to the device."}, {"lang": "es", "value": "En Carlo Gavazzi UWP versi\u00f3n 3.0 en m\u00faltiples versiones y en CPY Car Park Server en versi\u00f3n 2.8.3, un atacante remoto no autenticado podr\u00eda hacer uso de credenciales embebidas para conseguir acceso de Super Usuario al dispositivo"}], "id": "CVE-2022-28812", "lastModified": "2022-09-30T02:10:52.977", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "info@cert.vde.com", "type": "Primary"}]}, "published": "2022-09-28T14:15:10.420", "references": [{"source": "info@cert.vde.com", "tags": ["Third Party Advisory"], "url": "https://cert.vde.com/en/advisories/VDE-2022-029/"}], "sourceIdentifier": "info@cert.vde.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-798"}], "source": "info@cert.vde.com", "type": "Primary"}]}