Search
Find a vulnerability
Search criteria
6 vulnerabilities found for morphowave_compact_mdpi-m_firmware by idemia
CVE-2021-35522 (GCVE-0-2021-35522)
Vulnerability from nvd – Published: 2021-07-22 11:32 – Updated: 2024-08-04 00:40
VLAI
EPSS
VEX
Summary
A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2, Sigma devices before 4.9.4, and MA VP MD devices before 4.9.7 allows remote attackers to achieve code execution, denial of services, and information disclosure via TCP/IP packets.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.idemia.com | x_refsource_MISC |
| https://biometricdevices.idemia.com/s/global-sear… | x_refsource_MISC |
| https://biometricdevices.idemia.com/s/global-sear… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:40:46.618Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.idemia.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2, Sigma devices before 4.9.4, and MA VP MD devices before 4.9.7 allows remote attackers to achieve code execution, denial of services, and information disclosure via TCP/IP packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-22T11:32:50.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.idemia.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-35522",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2, Sigma devices before 4.9.4, and MA VP MD devices before 4.9.7 allows remote attackers to achieve code execution, denial of services, and information disclosure via TCP/IP packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.idemia.com",
"refsource": "MISC",
"url": "https://www.idemia.com"
},
{
"name": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true",
"refsource": "MISC",
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
},
{
"name": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true",
"refsource": "MISC",
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-35522",
"datePublished": "2021-07-22T11:32:50.000Z",
"dateReserved": "2021-06-28T00:00:00.000Z",
"dateUpdated": "2024-08-04T00:40:46.618Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-35521 (GCVE-0-2021-35521)
Vulnerability from nvd – Published: 2021-07-22 11:32 – Updated: 2024-08-04 00:40
VLAI
EPSS
VEX
Summary
A path traversal in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows remote authenticated attackers to achieve denial of services and information disclosure via TCP/IP packets.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.idemia.com | x_refsource_MISC |
| https://biometricdevices.idemia.com/s/global-sear… | x_refsource_MISC |
| https://biometricdevices.idemia.com/s/global-sear… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:40:47.356Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.idemia.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A path traversal in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows remote authenticated attackers to achieve denial of services and information disclosure via TCP/IP packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-22T11:32:42.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.idemia.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-35521",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A path traversal in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows remote authenticated attackers to achieve denial of services and information disclosure via TCP/IP packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.idemia.com",
"refsource": "MISC",
"url": "https://www.idemia.com"
},
{
"name": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true",
"refsource": "MISC",
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
},
{
"name": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true",
"refsource": "MISC",
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-35521",
"datePublished": "2021-07-22T11:32:42.000Z",
"dateReserved": "2021-06-28T00:00:00.000Z",
"dateUpdated": "2024-08-04T00:40:47.356Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-35520 (GCVE-0-2021-35520)
Vulnerability from nvd – Published: 2021-07-22 11:32 – Updated: 2024-08-04 00:40
VLAI
EPSS
VEX
Summary
A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows physically proximate authenticated attackers to achieve code execution, denial of services, and information disclosure via serial ports.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.idemia.com | x_refsource_MISC |
| https://biometricdevices.idemia.com/s/global-sear… | x_refsource_MISC |
| https://biometricdevices.idemia.com/s/global-sear… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:40:47.192Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.idemia.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows physically proximate authenticated attackers to achieve code execution, denial of services, and information disclosure via serial ports."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-22T11:32:33.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.idemia.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-35520",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows physically proximate authenticated attackers to achieve code execution, denial of services, and information disclosure via serial ports."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.idemia.com",
"refsource": "MISC",
"url": "https://www.idemia.com"
},
{
"name": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true",
"refsource": "MISC",
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
},
{
"name": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true",
"refsource": "MISC",
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-35520",
"datePublished": "2021-07-22T11:32:33.000Z",
"dateReserved": "2021-06-28T00:00:00.000Z",
"dateUpdated": "2024-08-04T00:40:47.192Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-35522 (GCVE-0-2021-35522)
Vulnerability from cvelistv5 – Published: 2021-07-22 11:32 – Updated: 2024-08-04 00:40
VLAI
EPSS
VEX
Summary
A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2, Sigma devices before 4.9.4, and MA VP MD devices before 4.9.7 allows remote attackers to achieve code execution, denial of services, and information disclosure via TCP/IP packets.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.idemia.com | x_refsource_MISC |
| https://biometricdevices.idemia.com/s/global-sear… | x_refsource_MISC |
| https://biometricdevices.idemia.com/s/global-sear… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:40:46.618Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.idemia.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2, Sigma devices before 4.9.4, and MA VP MD devices before 4.9.7 allows remote attackers to achieve code execution, denial of services, and information disclosure via TCP/IP packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-22T11:32:50.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.idemia.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-35522",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2, Sigma devices before 4.9.4, and MA VP MD devices before 4.9.7 allows remote attackers to achieve code execution, denial of services, and information disclosure via TCP/IP packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.idemia.com",
"refsource": "MISC",
"url": "https://www.idemia.com"
},
{
"name": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true",
"refsource": "MISC",
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
},
{
"name": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true",
"refsource": "MISC",
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-35522",
"datePublished": "2021-07-22T11:32:50.000Z",
"dateReserved": "2021-06-28T00:00:00.000Z",
"dateUpdated": "2024-08-04T00:40:46.618Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-35521 (GCVE-0-2021-35521)
Vulnerability from cvelistv5 – Published: 2021-07-22 11:32 – Updated: 2024-08-04 00:40
VLAI
EPSS
VEX
Summary
A path traversal in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows remote authenticated attackers to achieve denial of services and information disclosure via TCP/IP packets.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.idemia.com | x_refsource_MISC |
| https://biometricdevices.idemia.com/s/global-sear… | x_refsource_MISC |
| https://biometricdevices.idemia.com/s/global-sear… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:40:47.356Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.idemia.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A path traversal in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows remote authenticated attackers to achieve denial of services and information disclosure via TCP/IP packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-22T11:32:42.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.idemia.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-35521",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A path traversal in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows remote authenticated attackers to achieve denial of services and information disclosure via TCP/IP packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.idemia.com",
"refsource": "MISC",
"url": "https://www.idemia.com"
},
{
"name": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true",
"refsource": "MISC",
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
},
{
"name": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true",
"refsource": "MISC",
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-35521",
"datePublished": "2021-07-22T11:32:42.000Z",
"dateReserved": "2021-06-28T00:00:00.000Z",
"dateUpdated": "2024-08-04T00:40:47.356Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-35520 (GCVE-0-2021-35520)
Vulnerability from cvelistv5 – Published: 2021-07-22 11:32 – Updated: 2024-08-04 00:40
VLAI
EPSS
VEX
Summary
A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows physically proximate authenticated attackers to achieve code execution, denial of services, and information disclosure via serial ports.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.idemia.com | x_refsource_MISC |
| https://biometricdevices.idemia.com/s/global-sear… | x_refsource_MISC |
| https://biometricdevices.idemia.com/s/global-sear… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:40:47.192Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.idemia.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows physically proximate authenticated attackers to achieve code execution, denial of services, and information disclosure via serial ports."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-22T11:32:33.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.idemia.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-35520",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows physically proximate authenticated attackers to achieve code execution, denial of services, and information disclosure via serial ports."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.idemia.com",
"refsource": "MISC",
"url": "https://www.idemia.com"
},
{
"name": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true",
"refsource": "MISC",
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
},
{
"name": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true",
"refsource": "MISC",
"url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-35520",
"datePublished": "2021-07-22T11:32:33.000Z",
"dateReserved": "2021-06-28T00:00:00.000Z",
"dateUpdated": "2024-08-04T00:40:47.192Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}