cbcvebase.
CVE-2012-3018
published 2012-07-31

CVE-2012-3018: The lockout-recovery feature in the Security Configurator component in ICONICS GENESIS32 9.22 and earlier and BizViz 9.22 and earlier uses an improper…

PriorityP416medium4.4CVSS 2.0
AVLACMAuNCPIPAP
EPSS
0.21%
11.2th percentile
The lockout-recovery feature in the Security Configurator component in ICONICS GENESIS32 9.22 and earlier and BizViz 9.22 and earlier uses an improper encryption algorithm for generation of an authentication code, which allows local users to bypass intended access restrictions and obtain administrative access by predicting a challenge response.

Affected

18 ranges
VendorProductVersion rangeFixed in
iconicsbizviz<= 9.22
iconicsbizviz
iconicsbizviz
iconicsbizviz
iconicsbizviz
iconicsbizviz
iconicsbizviz
iconicsbizviz
iconicsbizviz
iconicsgenesis32<= 9.22
iconicsgenesis32
iconicsgenesis32
iconicsgenesis32
iconicsgenesis32
iconicsgenesis32
iconicsgenesis32
iconicsgenesis32
iconicsgenesis32
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.