CVE-2022-32967 (GCVE-0-2022-32967)

Vulnerability from cvelistv5 – Published: 2022-11-29 03:30 – Updated: 2025-04-23 14:33
Title
Realtek RTL8111EP-CG/RTL8111FP-CG - Use of Hard-coded Credentials
Summary
The DASH function of RTL8111EP-CG/RTL8111FP-CG has a hard-coded password. An unauthenticated attacker with physical access can use this hard-coded default password during a system reboot triggered by another user to acquire partial system information, such as the serial number and server information.
CWE
  • CWE-798 - Use of Hard-coded Credentials
Assigner
Impacted products
Vendor Product Version
Realtek RTL8111EP-CG Affected: unspecified , ≤ 3.0.0.2019090 (custom)
Affected: 5.0.10
    Realtek RTL8111FP-CG Affected: unspecified , ≤ 3.0.0.2019090 (custom)
Affected: 5.0.10

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T07:54:03.438Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.twcert.org.tw/tw/cp-132-6740-ba9bd-1.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-32967",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-23T14:33:22.899470Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-23T14:33:40.929Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "RTL8111EP-CG",
          "vendor": "Realtek",
          "versions": [
            {
              "lessThanOrEqual": "3.0.0.2019090",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "5.0.10"
            }
          ]
        },
        {
          "product": "RTL8111FP-CG",
          "vendor": "Realtek",
          "versions": [
            {
              "lessThanOrEqual": "3.0.0.2019090",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "5.0.10"
            }
          ]
        }
      ],
      "datePublic": "2022-11-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "RTL8111EP-CG/RTL8111FP-CG DASH function has hard-coded password. An unauthenticated physical attacker can use the hard-coded default password during system reboot triggered by other user, to acquire partial system information such as serial number and server information."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-798",
              "description": "CWE-798 Use of Hard-coded Credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-11-29T00:00:00.000Z",
        "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
        "shortName": "twcert"
      },
      "references": [
        {
          "url": "https://www.twcert.org.tw/tw/cp-132-6740-ba9bd-1.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Contact tech support from Realtek"
        }
      ],
      "source": {
        "advisory": "TVN-202209016",
        "discovery": "EXTERNAL"
      },
      "title": "Realtek RTL8111EP-CG/RTL8111FP-CG - Use of Hard-coded Credentials",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
    "assignerShortName": "twcert",
    "cveId": "CVE-2022-32967",
    "datePublished": "2022-11-29T03:30:27.572Z",
    "dateReserved": "2022-06-10T00:00:00.000Z",
    "dateUpdated": "2025-04-23T14:33:40.929Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:realtek:rtl8111ep-cg_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"3.0.0.2019090\", \"matchCriteriaId\": \"9FA8CEB9-ECCE-49F9-B681-355F7C7E8D86\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:realtek:rtl8111ep-cg_firmware:5.0.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8AD41590-F935-4436-AB30-51ABD7994263\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:realtek:rtl8111ep-cg:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3A0FE17D-EEAD-429F-8F45-B48D79AEE66D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:realtek:rtl8111fp-cg_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"3.0.0.2019090\", \"matchCriteriaId\": \"798F35FF-351C-43B2-A7EF-828F2A4946D7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:realtek:rtl8111fp-cg_firmware:5.0.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1F43371D-9E6F-4984-B7F0-805B297F3978\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:realtek:rtl8111fp-cg:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"75EF2626-4CB6-4F11-92D2-29519555B4D8\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"RTL8111EP-CG/RTL8111FP-CG DASH function has hard-coded password. An unauthenticated physical attacker can use the hard-coded default password during system reboot triggered by other user, to acquire partial system information such as serial number and server information.\"}, {\"lang\": \"es\", \"value\": \"La funci\\u00f3n DASH RTL8111EP-CG/RTL8111FP-CG tiene una contrase\\u00f1a codificada. Un atacante f\\u00edsico no autenticado puede utilizar la contrase\\u00f1a predeterminada codificada durante el reinicio del sistema activado por otro usuario, para adquirir informaci\\u00f3n parcial del sistema, como el n\\u00famero de serie y la informaci\\u00f3n del servidor.\"}]",
      "id": "CVE-2022-32967",
      "lastModified": "2024-11-21T07:07:19.910",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"twcert@cert.org.tw\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N\", \"baseScore\": 2.1, \"baseSeverity\": \"LOW\", \"attackVector\": \"PHYSICAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 0.7, \"impactScore\": 1.4}]}",
      "published": "2022-11-29T04:15:10.407",
      "references": "[{\"url\": \"https://www.twcert.org.tw/tw/cp-132-6740-ba9bd-1.html\", \"source\": \"twcert@cert.org.tw\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.twcert.org.tw/tw/cp-132-6740-ba9bd-1.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "twcert@cert.org.tw",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"twcert@cert.org.tw\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-798\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-798\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-32967\",\"sourceIdentifier\":\"twcert@cert.org.tw\",\"published\":\"2022-11-29T04:15:10.407\",\"lastModified\":\"2024-11-21T07:07:19.910\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"RTL8111EP-CG/RTL8111FP-CG DASH function has hard-coded password. An unauthenticated physical attacker can use the hard-coded default password during system reboot triggered by other user, to acquire partial system information such as serial number and server information.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n DASH RTL8111EP-CG/RTL8111FP-CG tiene una contrase\u00f1a codificada. Un atacante f\u00edsico no autenticado puede utilizar la contrase\u00f1a predeterminada codificada durante el reinicio del sistema activado por otro usuario, para adquirir informaci\u00f3n parcial del sistema, como el n\u00famero de serie y la informaci\u00f3n del servidor.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"twcert@cert.org.tw\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N\",\"baseScore\":2.1,\"baseSeverity\":\"LOW\",\"attackVector\":\"PHYSICAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":0.7,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"twcert@cert.org.tw\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-798\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-798\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:realtek:rtl8111ep-cg_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.0.0.2019090\",\"matchCriteriaId\":\"9FA8CEB9-ECCE-49F9-B681-355F7C7
E8D86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:realtek:rtl8111ep-cg_firmware:5.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AD41590-F935-4436-AB30-51ABD7994263\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:realtek:rtl8111ep-cg:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A0FE17D-EEAD-429F-8F45-B48D79AEE66D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:realtek:rtl8111fp-cg_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.0.0.2019090\",\"matchCriteriaId\":\"798F35FF-351C-43B2-A7EF-828F2A4946D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:realtek:rtl8111fp-cg_firmware:5.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F43371D-9E6F-4984-B7F0-805B297F3978\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:realtek:rtl8111fp-cg:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75EF2626-4CB6-4F11-92D2-29519555B4D8\"}]}]}],\"references\":[{\"url\":\"https://www.twcert.org.tw/tw/cp-132-6740-ba9bd-1.html\",\"source\":\"twcert@cert.org.tw\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.twcert.org.tw/tw/cp-132-6740-ba9bd-1.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.twcert.org.tw/tw/cp-132-6740-ba9bd-1.html\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T07:54:03.438Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-32967\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-23T14:33:22.899470Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-23T14:33:29.597Z\"}}], \"cna\": {\"title\": \"Realtek RTL8111EP-CG/RTL8111FP-CG - Use of Hard-coded Credentials\", \"source\": {\"advisory\": \"TVN-202209016\", \"discovery\": \"EXTERNAL\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 2.1, \"attackVector\": \"PHYSICAL\", \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"Realtek\", \"product\": \"RTL8111EP-CG\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"3.0.0.2019090\"}, {\"status\": \"affected\", \"version\": \"5.0.10\"}]}, {\"vendor\": \"Realtek\", \"product\": \"RTL8111FP-CG\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"3.0.0.2019090\"}, {\"status\": \"affected\", \"version\": \"5.0.10\"}]}], \"solutions\": [{\"lang\": \"en\", 
\"value\": \"Contact tech support from Realtek\"}], \"datePublic\": \"2022-11-29T00:00:00.000Z\", \"references\": [{\"url\": \"https://www.twcert.org.tw/tw/cp-132-6740-ba9bd-1.html\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"RTL8111EP-CG/RTL8111FP-CG DASH function has hard-coded password. An unauthenticated physical attacker can use the hard-coded default password during system reboot triggered by other user, to acquire partial system information such as serial number and server information.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-798\", \"description\": \"CWE-798 Use of Hard-coded Credentials\"}]}], \"providerMetadata\": {\"orgId\": \"cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e\", \"shortName\": \"twcert\", \"dateUpdated\": \"2022-11-29T00:00:00.000Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-32967\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-23T14:33:40.929Z\", \"dateReserved\": \"2022-06-10T00:00:00.000Z\", \"assignerOrgId\": \"cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e\", \"datePublished\": \"2022-11-29T03:30:27.572Z\", \"assignerShortName\": \"twcert\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}







Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

