Vulnerabilities > Hidglobal > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-07 | CVE-2024-23806 | Improper Authorization vulnerability in Hidglobal products Sensitive data can be extracted from HID iCLASS SE reader configuration cards. | 5.3 |
| 2022-06-06 | CVE-2022-31480 | Forced Browsing vulnerability in multiple products An unauthenticated attacker could arbitrarily upload firmware files to the target device, ultimately causing a Denial-of-Service (DoS). | 5.0 |
| 2022-06-06 | CVE-2022-31484 | Forced Browsing vulnerability in multiple products An unauthenticated attacker can send a specially crafted network packet to delete a user from the web interface. | 5.0 |
| 2022-06-06 | CVE-2022-31485 | Forced Browsing vulnerability in multiple products An unauthenticated attacker can send a specially crafted packets to update the “notes” section of the home page of the web interface. | 5.0 |
| 2021-03-24 | CVE-2020-36283 | Cross-Site Request Forgery (CSRF) vulnerability in Hidglobal Omnikey 5127 Firmware and Omnikey 5427 Firmware HID OMNIKEY 5427 and OMNIKEY 5127 readers are vulnerable to CSRF when using the EEM driver (Ethernet Emulation Mode). | 6.8 |
| 2019-07-16 | CVE-2019-13603 | Unspecified vulnerability in Hidglobal Digital Persona U.Are.U 4500 Driver Firmware 5.0.0.5 An issue was discovered in the HID Global DigitalPersona (formerly Crossmatch) U.are.U 4500 Fingerprint Reader Windows Biometric Framework driver 5.0.0.5. network hidglobal | 4.3 |