CVE-2022-32967

RTL8111EP-CG/RTL8111FP-CG DASH function has hard-coded password. An unauthenticated physical attacker can use the hard-coded default password during system reboot triggered by other user, to acquire partial system information such as serial number and server information.

CVSS v3 2.1 LOW

2.1^/10

CVSS v3 : LOW

Vector :

Exploitability : 0.7 / Impact : 1.4

Attack Vector PHYSICAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.twcert.org.tw/tw/cp-132-6740-ba9bd-1.html	Third Party Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:realtek:rtl8111ep-cg_firmware::::::::
	cpe:2.3:o:realtek:rtl8111ep-cg_firmware:5.0.10:::::::*

cpe:2.3:h:realtek:rtl8111ep-cg:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

OR	cpe:2.3:o:realtek:rtl8111fp-cg_firmware::::::::
	cpe:2.3:o:realtek:rtl8111fp-cg_firmware:5.0.10:::::::*

cpe:2.3:h:realtek:rtl8111fp-cg:-:*:*:*:*:*:*:*

History

30 Nov 2022, 04:59

Type	Values Removed	Values Added
References	~~(MISC) https://www.twcert.org.tw/tw/cp-132-6740-ba9bd-1.html -~~	(MISC) https://www.twcert.org.tw/tw/cp-132-6740-ba9bd-1.html - Third Party Advisory
CPE		cpe:2.3:o:realtek:rtl8111ep-cg_firmware:::::::: cpe:2.3:o:realtek:rtl8111ep-cg_firmware:5.0.10:::::::* cpe:2.3:h:realtek:rtl8111fp-cg:-:::::::* cpe:2.3:o:realtek:rtl8111fp-cg_firmware:::::::: cpe:2.3:o:realtek:rtl8111fp-cg_firmware:5.0.10:::::::* cpe:2.3:h:realtek:rtl8111ep-cg:-:::::::*
CWE		CWE-798
First Time		Realtek rtl8111fp-cg Realtek rtl8111ep-cg Realtek Realtek rtl8111fp-cg Firmware Realtek rtl8111ep-cg Firmware

29 Nov 2022, 04:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-11-29 04:15

Updated : 2023-12-10 14:48

NVD link : CVE-2022-32967

Mitre link : CVE-2022-32967

CVE.ORG link : CVE-2022-32967

JSON object : View

Products Affected

realtek

rtl8111fp-cg
rtl8111fp-cg_firmware
rtl8111ep-cg
rtl8111ep-cg_firmware

CWE

CWE-798

Use of Hard-coded Credentials

{"id": "CVE-2022-32967", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "twcert@cert.org.tw", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.1, "attackVector": "PHYSICAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 0.7}]}, "published": "2022-11-29T04:15:10.407", "references": [{"url": "https://www.twcert.org.tw/tw/cp-132-6740-ba9bd-1.html", "tags": ["Third Party Advisory"], "source": "twcert@cert.org.tw"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-798"}]}, {"type": "Secondary", "source": "twcert@cert.org.tw", "description": [{"lang": "en", "value": "CWE-798"}]}], "descriptions": [{"lang": "en", "value": "RTL8111EP-CG/RTL8111FP-CG DASH function has hard-coded password. An unauthenticated physical attacker can use the hard-coded default password during system reboot triggered by other user, to acquire partial system information such as serial number and server information."}, {"lang": "es", "value": "La funci\u00f3n DASH RTL8111EP-CG/RTL8111FP-CG tiene una contrase\u00f1a codificada. Un atacante f\u00edsico no autenticado puede utilizar la contrase\u00f1a predeterminada codificada durante el reinicio del sistema activado por otro usuario, para adquirir informaci\u00f3n parcial del sistema, como el n\u00famero de serie y la informaci\u00f3n del servidor."}], "lastModified": "2022-11-30T04:59:42.133", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:realtek:rtl8111ep-cg_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FA8CEB9-ECCE-49F9-B681-355F7C7E8D86", "versionEndIncluding": "3.0.0.2019090"}, {"criteria": "cpe:2.3:o:realtek:rtl8111ep-cg_firmware:5.0.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8AD41590-F935-4436-AB30-51ABD7994263"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:realtek:rtl8111ep-cg:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3A0FE17D-EEAD-429F-8F45-B48D79AEE66D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:realtek:rtl8111fp-cg_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "798F35FF-351C-43B2-A7EF-828F2A4946D7", "versionEndIncluding": "3.0.0.2019090"}, {"criteria": "cpe:2.3:o:realtek:rtl8111fp-cg_firmware:5.0.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F43371D-9E6F-4984-B7F0-805B297F3978"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:realtek:rtl8111fp-cg:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "75EF2626-4CB6-4F11-92D2-29519555B4D8"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "twcert@cert.org.tw"}