Vulnerabilities > Idemia > Morphowave Compact MD Firmware

DATE CVE VULNERABILITY TITLE RISK
2021-07-22 CVE-2021-35521 Path Traversal vulnerability in Idemia products
A path traversal in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows remote authenticated attackers to achieve denial of services and information disclosure via TCP/IP packets.
network
high complexity
idemia CWE-22
5.9
2021-07-22 CVE-2021-35522 Out-of-bounds Write vulnerability in Idemia products
A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2, Sigma devices before 4.9.4, and MA VP MD devices before 4.9.7 allows remote attackers to achieve code execution, denial of services, and information disclosure via TCP/IP packets.
network
low complexity
idemia CWE-787
critical
9.8