Vulnerabilities > Use of Hard-coded Credentials

DATE CVE VULNERABILITY TITLE RISK
2023-08-11 CVE-2022-44612 Use of Hard-coded Credentials vulnerability in Intel Unison
Use of hard-coded credentials in some Intel(R) Unison(TM) software before version 10.12 may allow an authenticated user user to potentially enable information disclosure via local access.
local
low complexity
intel CWE-798
5.5
2023-08-08 CVE-2023-21652 Use of Hard-coded Credentials vulnerability in Qualcomm products
Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use.
local
low complexity
qualcomm CWE-798
7.1
2023-08-04 CVE-2023-33372 Use of Hard-coded Credentials vulnerability in Connectedio Connected IO
Connected IO v2.1.0 and prior uses a hard-coded username/password pair embedded in their device's firmware used for device communication using MQTT.
network
low complexity
connectedio CWE-798
critical
9.8
2023-08-03 CVE-2023-33371 Use of Hard-coded Credentials vulnerability in Assaabloy Control ID Idsecure 4.7.26.0
Control ID IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and verify JWT session tokens, allowing attackers to sign arbitrary session tokens and bypass authentication.
network
low complexity
assaabloy CWE-798
critical
9.8
2023-07-30 CVE-2023-32227 Use of Hard-coded Credentials vulnerability in Synel Synergy/A Firmware
Synel SYnergy Fingerprint Terminals - CWE-798: Use of Hard-coded Credentials
network
low complexity
synel CWE-798
critical
9.8
2023-07-30 CVE-2023-37215 Use of Hard-coded Credentials vulnerability in JBL BAR 5.1 Surround Firmware
JBL soundbar multibeam 5.1 - CWE-798: Use of Hard-coded Credentials
network
low complexity
jbl CWE-798
critical
9.8
2023-07-27 CVE-2023-33744 Use of Hard-coded Credentials vulnerability in Teleadapt Roomcast Ta-2400 Firmware 1.0/3.1
TeleAdapt RoomCast TA-2400 1.0 through 3.1 suffers from Use of a Hard-coded Password (PIN): 385521, 843646, and 592671.
network
low complexity
teleadapt CWE-798
critical
9.8
2023-07-26 CVE-2023-38433 Use of Hard-coded Credentials vulnerability in Fujitsu products
Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission.
network
low complexity
fujitsu CWE-798
7.5
2023-07-18 CVE-2023-35763 Use of Hard-coded Credentials vulnerability in Iagona Scrutisweb 2.1.37
Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a cryptographic vulnerability that could allow an unauthenticated user to decrypt encrypted passwords into plaintext.
local
low complexity
iagona CWE-798
5.5
2023-07-13 CVE-2023-34123 Use of Hard-coded Credentials vulnerability in Sonicwall Analytics and Global Management System
Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics.
network
low complexity
sonicwall CWE-798
7.5