PT-2023-14745 · Unknown · Global Facilities Management

Publicado

2023-02-10

Atualizado

2025-03-24

CVE-2022-45766

CVSS v3.1

9.1

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions Global Facilities Management Software (GFMS) Version 3

Description The issue concerns hardcoded credentials in the software, allowing remote attackers to impact the availability, confidentiality, accessibility, and dependability of electronic key boxes.

Recommendations For Global Facilities Management Software (GFMS) Version 3, consider changing the hardcoded credentials to unique, secure credentials to prevent unauthorized access. As a temporary workaround, restrict access to the electronic key boxes to minimize the risk of exploitation.

Correção

Using Hardcoded Credentials

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-798CWE-787

Identificadores relacionados

CVE-2022-45766

Produtos afetados

Global Facilities Management

PT-2023-14745 · Unknown · Global Facilities Management

CVE-2022-45766

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4