← Zuruck zu CVEs
CVE-2021-35522
CRITICAL9.8
Beschreibung
A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2, Sigma devices before 4.9.4, and MA VP MD devices before 4.9.7 allows remote attackers to achieve code execution, denial of services, and information disclosure via TCP/IP packets.
CVE Details
CVSS v3.1 Bewertung9.8
SchweregradCRITICAL
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht7/22/2021
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
idemia:ma_vp_mdidemia:ma_vp_md_firmwareidemia:morphowave_compact_mdidemia:morphowave_compact_md_firmwareidemia:morphowave_compact_mdpiidemia:morphowave_compact_mdpi-midemia:morphowave_compact_mdpi-m_firmwareidemia:morphowave_compact_mdpi_firmwareidemia:sigma_extremeidemia:sigma_extreme_firmwareidemia:sigma_liteidemia:sigma_lite\+idemia:sigma_lite\+_firmwareidemia:sigma_lite_firmwareidemia:sigma_wideidemia:sigma_wide_firmwareidemia:visionpass_mdidemia:visionpass_md_firmwareidemia:visionpass_mdpiidemia:visionpass_mdpi-midemia:visionpass_mdpi-m_firmwareidemia:visionpass_mdpi_firmware
Schwachen (CWE)
CWE-787
Referenzen
https://www.idemia.com(cve@mitre.org)
https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true(af854a3a-2127-422b-91ae-364da2661108)
https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true(af854a3a-2127-422b-91ae-364da2661108)
https://www.idemia.com(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.