CVE-2022-2052
TRUMPF TruTops default user accounts vulnerability
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Multiple Trumpf Products in multiple versions use default privileged Windows users and passwords. An adversary may use these accounts to remotely gain full access to the system.
Varios productos de Trumpf en múltiples versiones usan usuarios y contraseñas privilegiados de Windows por defecto. Un adversario puede usar estas cuentas para conseguir acceso completo al sistema de forma remota
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-06-10 CVE Reserved
- 2022-10-17 CVE Published
- 2024-05-09 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-284: Improper Access Control
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://cert.vde.com/en/advisories/VDE-2022-023 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Trumpf Search vendor "Trumpf" | Job Order Interface Search vendor "Trumpf" for product "Job Order Interface" | * | - |
Affected
| ||||||
| Trumpf Search vendor "Trumpf" | Oseon Search vendor "Trumpf" for product "Oseon" | <= 1.6 Search vendor "Trumpf" for product "Oseon" and version " <= 1.6" | - |
Affected
| ||||||
| Trumpf Search vendor "Trumpf" | Trutops Boost Search vendor "Trumpf" for product "Trutops Boost" | * | - |
Affected
| ||||||
| Trumpf Search vendor "Trumpf" | Trutops Fab Search vendor "Trumpf" for product "Trutops Fab" | * | - |
Affected
| ||||||
| Trumpf Search vendor "Trumpf" | Trutops Monitor Search vendor "Trumpf" for product "Trutops Monitor" | * | - |
Affected
| ||||||