Unrated severityNVD Advisory· Published Jul 31, 2012· Updated Apr 29, 2026
CVE-2012-3018
CVE-2012-3018
Description
The lockout-recovery feature in the Security Configurator component in ICONICS GENESIS32 9.22 and earlier and BizViz 9.22 and earlier uses an improper encryption algorithm for generation of an authentication code, which allows local users to bypass intended access restrictions and obtain administrative access by predicting a challenge response.
Affected products
18cpe:2.3:a:iconics:bizviz:*:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:iconics:bizviz:*:*:*:*:*:*:*:*range: <=9.22
- cpe:2.3:a:iconics:bizviz:8.05:*:*:*:*:*:*:*
- cpe:2.3:a:iconics:bizviz:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:iconics:bizviz:9.01:*:*:*:*:*:*:*
- cpe:2.3:a:iconics:bizviz:9.1:*:*:*:*:*:*:*
- cpe:2.3:a:iconics:bizviz:9.13:*:*:*:*:*:*:*
- cpe:2.3:a:iconics:bizviz:9.2:*:*:*:*:*:*:*
- cpe:2.3:a:iconics:bizviz:9.20:*:*:*:*:*:*:*
- cpe:2.3:a:iconics:bizviz:9.21:*:*:*:*:*:*:*
cpe:2.3:a:iconics:genesis32:*:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:iconics:genesis32:*:*:*:*:*:*:*:*range: <=9.22
- cpe:2.3:a:iconics:genesis32:8.05:*:*:*:*:*:*:*
- cpe:2.3:a:iconics:genesis32:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:iconics:genesis32:9.01:*:*:*:*:*:*:*
- cpe:2.3:a:iconics:genesis32:9.1:*:*:*:*:*:*:*
- cpe:2.3:a:iconics:genesis32:9.13:*:*:*:*:*:*:*
- cpe:2.3:a:iconics:genesis32:9.2:*:*:*:*:*:*:*
- cpe:2.3:a:iconics:genesis32:9.20:*:*:*:*:*:*:*
- cpe:2.3:a:iconics:genesis32:9.21:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.us-cert.gov/control_systems/pdf/ICSA-12-212-01.pdfnvdUS Government Resource
News mentions
0No linked articles in our index yet.