Vulnerability Details CVE-2022-45425
Some Dahua software products have a vulnerability of using of hard-coded cryptographic key. An attacker can obtain the AES crypto key by exploiting this vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.9%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2022-45425
-
cpe:2.3:a:dahuasecurity:dss_express:7.002.1760000.2
-
cpe:2.3:a:dahuasecurity:dss_express:8.0.2
-
cpe:2.3:a:dahuasecurity:dss_express:8.0.4
-
cpe:2.3:a:dahuasecurity:dss_express:8.1
-
cpe:2.3:a:dahuasecurity:dss_express:8.1.1
-
cpe:2.3:a:dahuasecurity:dss_professional:7.002.1760000.2
-
cpe:2.3:a:dahuasecurity:dss_professional:8.0.2
-
cpe:2.3:a:dahuasecurity:dss_professional:8.0.4
-
cpe:2.3:a:dahuasecurity:dss_professional:8.1
-
cpe:2.3:a:dahuasecurity:dss_professional:8.1.1
-
cpe:2.3:h:dahuasecurity:dhi-dss4004-s2:-
-
cpe:2.3:h:dahuasecurity:dhi-dss7016d-s2:-
-
cpe:2.3:h:dahuasecurity:dhi-dss7016dr-s2:-
-
cpe:2.3:o:dahuasecurity:dhi-dss4004-s2_firmware:1.001.0000001.2
-
cpe:2.3:o:dahuasecurity:dhi-dss4004-s2_firmware:8.0.2
-
cpe:2.3:o:dahuasecurity:dhi-dss4004-s2_firmware:8.0.4
-
cpe:2.3:o:dahuasecurity:dhi-dss4004-s2_firmware:8.1
-
cpe:2.3:o:dahuasecurity:dhi-dss7016d-s2_firmware:1.001.0000001.2
-
cpe:2.3:o:dahuasecurity:dhi-dss7016d-s2_firmware:8.0.2
-
cpe:2.3:o:dahuasecurity:dhi-dss7016d-s2_firmware:8.0.4
-
cpe:2.3:o:dahuasecurity:dhi-dss7016d-s2_firmware:8.1
-
cpe:2.3:o:dahuasecurity:dhi-dss7016dr-s2_firmware:1.001.0000001.2
-
cpe:2.3:o:dahuasecurity:dhi-dss7016dr-s2_firmware:8.0.2
-
cpe:2.3:o:dahuasecurity:dhi-dss7016dr-s2_firmware:8.0.4
-
cpe:2.3:o:dahuasecurity:dhi-dss7016dr-s2_firmware:8.1