PT-2023-14745 · Unknown · Global Facilities Management

Published

2023-02-10

Updated

2025-03-24

CVE-2022-45766

CVSS v3.1

9.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions Global Facilities Management Software (GFMS) Version 3

Description The issue concerns hardcoded credentials in the software, allowing remote attackers to impact the availability, confidentiality, accessibility, and dependability of electronic key boxes.

Recommendations For Global Facilities Management Software (GFMS) Version 3, consider changing the hardcoded credentials to unique, secure credentials to prevent unauthorized access. As a temporary workaround, restrict access to the electronic key boxes to minimize the risk of exploitation.

Fix

Using Hardcoded Credentials

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-798CWE-787

Related Identifiers

CVE-2022-45766

Affected Products

Global Facilities Management

PT-2023-14745 · Unknown · Global Facilities Management

CVE-2022-45766

Weakness Enumeration

Related Identifiers

Affected Products

References · 4