CVE-2022-0183
MEDIUMMIRUPASS PW10 and PW20 Firmware - Unprotected Password Exposure via Physical Access
Title source: llmDescription
Missing encryption of sensitive data vulnerability in 'MIRUPASS' PW10 firmware all versions and 'MIRUPASS' PW20 firmware all versions allows an attacker who can physically access the device to obtain the stored passwords.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
https://www.kingjim.co.jp/download/security/#mirupass
Third Party Advisory x_refsource_misc
https://jvn.jp/en/jp/JVN19826500/index.html
Scores
CVSS v3
4.6
EPSS
0.0011
EPSS Percentile
1.4%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-311
Status
published
Products (2)
kingjim/mirupass_pw10_firmware
kingjim/mirupass_pw20_firmware
Published
Jan 17, 2022
Tracked Since
Feb 18, 2026