CVE-2022-41653

Summary

Daikin SVMPC1 version 2.1.22 and prior and SVMPC2 version 1.2.3 and prior are vulnerable to an attacker obtaining user login credentials and control the system.

Affected Software

VendorProductVersion RangeStatus
DaikinSVMPC10 <= 2.1.22affected
DaikinSVMPC20 <= 1.2.3affected

Weaknesses

  • CWE-259: CWE-259 Use of Hard-Coded Password

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References