CVE-2021-35520

Sažetak

A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows physically proximate authenticated attackers to achieve code execution, denial of services, and information disclosure via serial ports.

Reference

https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true
https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true
https://www.idemia.com

CVSS

Base:	4.6
Impact:	6.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

06-08-2021 - 13:37

Objavljeno

22-07-2021 - 12:15