Vulnerabilities > CVE-2017-15567 - Unspecified vulnerability in Idemia MSO 1300 Firmware

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

idemia

NVD

Published: 2017-10-23

Updated: 2024-04-11

Summary

The certificate import component in IDEMIA (formerly Morpho) MorphoSmart 1300 Series (aka MSO 1300 Series) devices allows local users to obtain a command shell, and consequently gain privileges, via unspecified vectors. NOTE: the vendor disputes this because there is no command shell in the product or in the associated SDK

Vulnerable Configurations

Part	Description	Count
OS	Idemia Idemia MSO 1300 Firmware -	1
Hardware	Idemia Idemia MSO 1300 -	1

References

https://gist.github.com/shiham101/4c49ece8ecac7c3c02ecbc6942aeca80