Vulnerabilities > CVE-2021-35520 - Out-of-bounds Write vulnerability in Idemia products
Attack vector
PHYSICAL Attack complexity
LOW Privileges required
HIGH Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows physically proximate authenticated attackers to achieve code execution, denial of services, and information disclosure via serial ports.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 4 | |
Hardware | 4 |
Common Weakness Enumeration (CWE)
References
- https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true
- https://biometricdevices.idemia.com/s/global-search/0696700000JJa0zAAD?sharing=true
- https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true
- https://biometricdevices.idemia.com/s/global-search/0696700000JJa1nAAD?sharing=true
- https://www.idemia.com
- https://www.idemia.com