Vulnerability Details CVE-2022-25246
Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) uses hard-coded credentials for its UltraVNC installation. Successful exploitation of this vulnerability could allow a remote authenticated attacker to take full remote control of the host operating system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.019
EPSS Ranking 82.5%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 9.0
References
Products affected by CVE-2022-25246
-
cpe:2.3:a:ptc:axeda_agent:-
-
cpe:2.3:a:ptc:axeda_agent:6.9.0
-
cpe:2.3:a:ptc:axeda_desktop_server:-