CVE-2012-3018

First published: Tue Jul 31 2012(Updated: )

The lockout-recovery feature in the Security Configurator component in ICONICS GENESIS32 9.22 and earlier and BizViz 9.22 and earlier uses an improper encryption algorithm for generation of an authentication code, which allows local users to bypass intended access restrictions and obtain administrative access by predicting a challenge response.

Credit: ics-cert@hq.dhs.gov

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/nvd-index
• agent/severity
• agent/references
• agent/weakness
• agent/author
• agent/description
• agent/type
• agent/event
• agent/softwarecombine
• agent/last-modified-date
• agent/first-publish-date
• agent/tags
• collector/mitre-cve
• source/MITRE
• vendor/iconics
• canonical/iconics genesis32
• version/iconics genesis32/9.22
• version/iconics genesis32/8.05
• version/iconics genesis32/9.0
• version/iconics genesis32/9.1
• version/iconics genesis32/9.01
• version/iconics genesis32/9.2
• version/iconics genesis32/9.13
• version/iconics genesis32/9.20
• version/iconics genesis32/9.21
• canonical/iconics bizviz
• version/iconics bizviz/9.22
• version/iconics bizviz/8.05
• version/iconics bizviz/9.0
• version/iconics bizviz/9.01
• version/iconics bizviz/9.1
• version/iconics bizviz/9.2
• version/iconics bizviz/9.13
• version/iconics bizviz/9.20
• version/iconics bizviz/9.21