Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for morphowave_compact_mdpi_firmware by idemia

    CVE-2021-35522 (GCVE-0-2021-35522)

    Vulnerability from nvd – Published: 2021-07-22 11:32 – Updated: 2024-08-04 00:40
    VLAI
    Summary
    A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2, Sigma devices before 4.9.4, and MA VP MD devices before 4.9.7 allows remote attackers to achieve code execution, denial of services, and information disclosure via TCP/IP packets.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:40:46.618Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.idemia.com"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2, Sigma devices before 4.9.4, and MA VP MD devices before 4.9.7 allows remote attackers to achieve code execution, denial of services, and information disclosure via TCP/IP packets."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-07-22T11:32:50.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.idemia.com"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-35522",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2, Sigma devices before 4.9.4, and MA VP MD devices before 4.9.7 allows remote attackers to achieve code execution, denial of services, and information disclosure via TCP/IP packets."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.idemia.com",
                  "refsource": "MISC",
                  "url": "https://www.idemia.com"
                },
                {
                  "name": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true",
                  "refsource": "MISC",
                  "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
                },
                {
                  "name": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true",
                  "refsource": "MISC",
                  "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-35522",
        "datePublished": "2021-07-22T11:32:50.000Z",
        "dateReserved": "2021-06-28T00:00:00.000Z",
        "dateUpdated": "2024-08-04T00:40:46.618Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-35521 (GCVE-0-2021-35521)

    Vulnerability from nvd – Published: 2021-07-22 11:32 – Updated: 2024-08-04 00:40
    VLAI
    Summary
    A path traversal in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows remote authenticated attackers to achieve denial of services and information disclosure via TCP/IP packets.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:40:47.356Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.idemia.com"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A path traversal in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows remote authenticated attackers to achieve denial of services and information disclosure via TCP/IP packets."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-07-22T11:32:42.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.idemia.com"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-35521",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A path traversal in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows remote authenticated attackers to achieve denial of services and information disclosure via TCP/IP packets."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.idemia.com",
                  "refsource": "MISC",
                  "url": "https://www.idemia.com"
                },
                {
                  "name": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true",
                  "refsource": "MISC",
                  "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
                },
                {
                  "name": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true",
                  "refsource": "MISC",
                  "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-35521",
        "datePublished": "2021-07-22T11:32:42.000Z",
        "dateReserved": "2021-06-28T00:00:00.000Z",
        "dateUpdated": "2024-08-04T00:40:47.356Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-35520 (GCVE-0-2021-35520)

    Vulnerability from nvd – Published: 2021-07-22 11:32 – Updated: 2024-08-04 00:40
    VLAI
    Summary
    A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows physically proximate authenticated attackers to achieve code execution, denial of services, and information disclosure via serial ports.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:40:47.192Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.idemia.com"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows physically proximate authenticated attackers to achieve code execution, denial of services, and information disclosure via serial ports."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-07-22T11:32:33.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.idemia.com"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-35520",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows physically proximate authenticated attackers to achieve code execution, denial of services, and information disclosure via serial ports."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.idemia.com",
                  "refsource": "MISC",
                  "url": "https://www.idemia.com"
                },
                {
                  "name": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true",
                  "refsource": "MISC",
                  "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
                },
                {
                  "name": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true",
                  "refsource": "MISC",
                  "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-35520",
        "datePublished": "2021-07-22T11:32:33.000Z",
        "dateReserved": "2021-06-28T00:00:00.000Z",
        "dateUpdated": "2024-08-04T00:40:47.192Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-35522 (GCVE-0-2021-35522)

    Vulnerability from cvelistv5 – Published: 2021-07-22 11:32 – Updated: 2024-08-04 00:40
    VLAI
    Summary
    A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2, Sigma devices before 4.9.4, and MA VP MD devices before 4.9.7 allows remote attackers to achieve code execution, denial of services, and information disclosure via TCP/IP packets.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:40:46.618Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.idemia.com"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2, Sigma devices before 4.9.4, and MA VP MD devices before 4.9.7 allows remote attackers to achieve code execution, denial of services, and information disclosure via TCP/IP packets."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-07-22T11:32:50.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.idemia.com"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-35522",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2, Sigma devices before 4.9.4, and MA VP MD devices before 4.9.7 allows remote attackers to achieve code execution, denial of services, and information disclosure via TCP/IP packets."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.idemia.com",
                  "refsource": "MISC",
                  "url": "https://www.idemia.com"
                },
                {
                  "name": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true",
                  "refsource": "MISC",
                  "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
                },
                {
                  "name": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true",
                  "refsource": "MISC",
                  "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-35522",
        "datePublished": "2021-07-22T11:32:50.000Z",
        "dateReserved": "2021-06-28T00:00:00.000Z",
        "dateUpdated": "2024-08-04T00:40:46.618Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-35521 (GCVE-0-2021-35521)

    Vulnerability from cvelistv5 – Published: 2021-07-22 11:32 – Updated: 2024-08-04 00:40
    VLAI
    Summary
    A path traversal in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows remote authenticated attackers to achieve denial of services and information disclosure via TCP/IP packets.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:40:47.356Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.idemia.com"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A path traversal in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows remote authenticated attackers to achieve denial of services and information disclosure via TCP/IP packets."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-07-22T11:32:42.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.idemia.com"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-35521",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A path traversal in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows remote authenticated attackers to achieve denial of services and information disclosure via TCP/IP packets."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.idemia.com",
                  "refsource": "MISC",
                  "url": "https://www.idemia.com"
                },
                {
                  "name": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true",
                  "refsource": "MISC",
                  "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
                },
                {
                  "name": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true",
                  "refsource": "MISC",
                  "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-35521",
        "datePublished": "2021-07-22T11:32:42.000Z",
        "dateReserved": "2021-06-28T00:00:00.000Z",
        "dateUpdated": "2024-08-04T00:40:47.356Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-35520 (GCVE-0-2021-35520)

    Vulnerability from cvelistv5 – Published: 2021-07-22 11:32 – Updated: 2024-08-04 00:40
    VLAI
    Summary
    A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows physically proximate authenticated attackers to achieve code execution, denial of services, and information disclosure via serial ports.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:40:47.192Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.idemia.com"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows physically proximate authenticated attackers to achieve code execution, denial of services, and information disclosure via serial ports."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-07-22T11:32:33.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.idemia.com"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-35520",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows physically proximate authenticated attackers to achieve code execution, denial of services, and information disclosure via serial ports."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.idemia.com",
                  "refsource": "MISC",
                  "url": "https://www.idemia.com"
                },
                {
                  "name": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true",
                  "refsource": "MISC",
                  "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true"
                },
                {
                  "name": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true",
                  "refsource": "MISC",
                  "url": "https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-35520",
        "datePublished": "2021-07-22T11:32:33.000Z",
        "dateReserved": "2021-06-28T00:00:00.000Z",
        "dateUpdated": "2024-08-04T00:40:47.192Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }