{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-32967", "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "assignerShortName": "twcert", "datePublished": "2022-11-29T00:00:00", "dateUpdated": "2022-11-29T00:00:00", "dateReserved": "2022-06-10T00:00:00"}, "containers": {"cna": {"title": "Realtek RTL8111EP-CG/RTL8111FP-CG - Use of Hard-coded Credentials", "datePublic": "2022-11-29T00:00:00", "providerMetadata": {"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert", "dateUpdated": "2022-11-29T00:00:00"}, "descriptions": [{"lang": "en", "value": "RTL8111EP-CG/RTL8111FP-CG DASH function has hard-coded password. An unauthenticated physical attacker can use the hard-coded default password during system reboot triggered by other user, to acquire partial system information such as serial number and server information."}], "affected": [{"vendor": "Realtek", "product": "RTL8111EP-CG", "versions": [{"version": "unspecified", "lessThanOrEqual": "3.0.0.2019090", "status": "affected", "versionType": "custom"}, {"version": "5.0.10", "status": "affected"}]}, {"vendor": "Realtek", "product": "RTL8111FP-CG", "versions": [{"version": "unspecified", "lessThanOrEqual": "3.0.0.2019090", "status": "affected", "versionType": "custom"}, {"version": "5.0.10", "status": "affected"}]}], "references": [{"url": "https://www.twcert.org.tw/tw/cp-132-6740-ba9bd-1.html"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "attackVector": "PHYSICAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "baseSeverity": "LOW"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-798 Use of Hard-coded Credentials", "cweId": "CWE-798"}]}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "source": {"advisory": "TVN-202209016", "discovery": "EXTERNAL"}, "solutions": [{"lang": "en", "value": "Contact tech support from Realtek"}]}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:realtek:rtl8111ep-cg_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9FA8CEB9-ECCE-49F9-B681-355F7C7E8D86", "versionEndIncluding": "3.0.0.2019090", "vulnerable": true}, {"criteria": "cpe:2.3:o:realtek:rtl8111ep-cg_firmware:5.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "8AD41590-F935-4436-AB30-51ABD7994263", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:realtek:rtl8111ep-cg:-:*:*:*:*:*:*:*", "matchCriteriaId": "3A0FE17D-EEAD-429F-8F45-B48D79AEE66D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:realtek:rtl8111fp-cg_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "798F35FF-351C-43B2-A7EF-828F2A4946D7", "versionEndIncluding": "3.0.0.2019090", "vulnerable": true}, {"criteria": "cpe:2.3:o:realtek:rtl8111fp-cg_firmware:5.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "1F43371D-9E6F-4984-B7F0-805B297F3978", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:realtek:rtl8111fp-cg:-:*:*:*:*:*:*:*", "matchCriteriaId": "75EF2626-4CB6-4F11-92D2-29519555B4D8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "RTL8111EP-CG/RTL8111FP-CG DASH function has hard-coded password. An unauthenticated physical attacker can use the hard-coded default password during system reboot triggered by other user, to acquire partial system information such as serial number and server information."}, {"lang": "es", "value": "La funci\u00f3n DASH RTL8111EP-CG/RTL8111FP-CG tiene una contrase\u00f1a codificada. Un atacante f\u00edsico no autenticado puede utilizar la contrase\u00f1a predeterminada codificada durante el reinicio del sistema activado por otro usuario, para adquirir informaci\u00f3n parcial del sistema, como el n\u00famero de serie y la informaci\u00f3n del servidor."}], "id": "CVE-2022-32967", "lastModified": "2022-11-30T04:59:42.133", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "baseScore": 2.1, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.7, "impactScore": 1.4, "source": "twcert@cert.org.tw", "type": "Primary"}]}, "published": "2022-11-29T04:15:10.407", "references": [{"source": "twcert@cert.org.tw", "tags": ["Third Party Advisory"], "url": "https://www.twcert.org.tw/tw/cp-132-6740-ba9bd-1.html"}], "sourceIdentifier": "twcert@cert.org.tw", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-798"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-798"}], "source": "twcert@cert.org.tw", "type": "Secondary"}]}

{}