Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-28 | CVE-2021-22644 | Use of Hard-coded Credentials vulnerability in Ovarro products Ovarro TBox TWinSoft uses the custom hardcoded user “TWinSoft” with a hardcoded key. | 9.8 |
| 2022-07-27 | CVE-2022-36952 | Use of Hard-coded Credentials vulnerability in Veritas Netbackup In Veritas NetBackup OpsCenter, a hard-coded credential exists that could be used to exploit the underlying VxSS subsystem. | 9.8 |
| 2022-07-26 | CVE-2022-30271 | Use of Hard-coded Credentials vulnerability in Motorola Ace1000 Firmware The Motorola ACE1000 RTU through 2022-05-02 ships with a hardcoded SSH private key and initialization scripts (such as /etc/init.d/sshd_service) only generate a new key if no private-key file exists. | 9.8 |
| 2022-07-26 | CVE-2022-30274 | Use of Hard-coded Credentials vulnerability in Motorola Ace1000 Firmware The Motorola ACE1000 RTU through 2022-05-02 uses ECB encryption unsafely. | 9.8 |
| 2022-07-26 | CVE-2022-29953 | Use of Hard-coded Credentials vulnerability in Bakerhughes products The Bently Nevada 3700 series of condition monitoring equipment through 2022-04-29 has a maintenance interface on port 4001/TCP with undocumented, hardcoded credentials. | 9.8 |
| 2022-07-26 | CVE-2022-29960 | Use of Hard-coded Credentials vulnerability in Emerson Openbsi 5.9 Emerson OpenBSI through 2022-04-29 uses weak cryptography. | 5.5 |
| 2022-07-26 | CVE-2022-29962 | Use of Hard-coded Credentials vulnerability in Emerson products The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. | 5.5 |
| 2022-07-26 | CVE-2022-29963 | Use of Hard-coded Credentials vulnerability in Emerson products The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. | 5.5 |
| 2022-07-26 | CVE-2022-29964 | Use of Hard-coded Credentials vulnerability in Emerson products The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. | 5.5 |
| 2022-07-25 | CVE-2022-34906 | Use of Hard-coded Credentials vulnerability in Filewave 14.7.0 A hard-coded cryptographic key is used in FileWave before 14.6.3 and 14.7.x before 14.7.2. | 7.5 |