Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-25 | CVE-2022-25577 | Use of Hard-coded Credentials vulnerability in Alf-Banco 8.2.5 ALF-BanCO v8.2.5 and below was discovered to use a hardcoded password to encrypt the SQLite database containing the user's data. | 9.1 |
| 2022-03-23 | CVE-2021-27430 | Use of Hard-coded Credentials vulnerability in GE UR Bootloader Binary 7.00/7.01/7.02 GE UR bootloader binary Version 7.00, 7.01 and 7.02 included unused hardcoded credentials. | 6.8 |
| 2022-03-21 | CVE-2021-45877 | Use of Hard-coded Credentials vulnerability in Garo products Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by hard coded credentials. | 9.8 |
| 2022-03-18 | CVE-2020-25180 | Use of Hard-coded Credentials vulnerability in multiple products Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x includes the functionality of setting a password that is required to execute privileged commands. | 6.5 |
| 2022-03-18 | CVE-2020-25193 | Use of Hard-coded Credentials vulnerability in GE Rt430 Firmware, Rt431 Firmware and Rt434 Firmware By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06, attackers would be able to intercept and decrypt encrypted traffic through an HTTPS connection. | 5.3 |
| 2022-03-16 | CVE-2022-25246 | Use of Hard-coded Credentials vulnerability in PTC Axeda Agent and Axeda Desktop Server Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) uses hard-coded credentials for its UltraVNC installation. | 8.8 |
| 2022-03-16 | CVE-2022-26660 | Use of Hard-coded Credentials vulnerability in Robotronic Runasspc 4.0.0.0 RunAsSpc 4.0 uses a universal and recoverable encryption key. | 7.5 |
| 2022-03-11 | CVE-2021-41848 | Use of Hard-coded Credentials vulnerability in multiple products An issue was discovered in Luna Simo PPR1.180610.011/202001031830. | 7.8 |
| 2022-03-11 | CVE-2022-21194 | Use of Hard-coded Credentials vulnerability in Yokogawa products The following Yokogawa Electric products do not change the passwords of the internal Windows accounts from the initial configuration: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.0, Exaopc versions from R3.72.00 to R3.79.00. | 9.8 |
| 2022-03-11 | CVE-2022-23402 | Use of Hard-coded Credentials vulnerability in Yokogawa products The following Yokogawa Electric products hard-code the password for CAMS server applications: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00 | 9.8 |