← Back to CVEs
CVE-2012-3018
N/ADescription
The lockout-recovery feature in the Security Configurator component in ICONICS GENESIS32 9.22 and earlier and BizViz 9.22 and earlier uses an improper encryption algorithm for generation of an authentication code, which allows local users to bypass intended access restrictions and obtain administrative access by predicting a challenge response.
CVE Details
CVSS v3.1 ScoreN/A
Published7/31/2012
Last Modified4/29/2026
Sourcenvd
Honeypot Sightings0
Affected Products
iconics:bizviziconics:genesis32
Weaknesses (CWE)
CWE-310
References
http://www.us-cert.gov/control_systems/pdf/ICSA-12-212-01.pdf(ics-cert@hq.dhs.gov)
http://www.us-cert.gov/control_systems/pdf/ICSA-12-212-01.pdf(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.