Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2019-18618
HistoryJul 22, 2020 - 2:15 p.m.

CVE-2019-18618

2020-07-2214:15:14
[email protected]
web.nvd.nist.gov
37
synaptics
vfs75xx
firmware
access control
unauthorized access
data compromise
injection
partition table
nvd
cve-2019-18618

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

6 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

6.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Incorrect access control in the firmware of Synaptics VFS75xx family fingerprint sensors that include external flash (all versions prior to 2019-11-15) allows a local administrator or physical attacker to compromise the confidentiality of sensor data via injection of an unverified partition table.

Affected configurations

NVD
Node
synapticsvfs75xxMatch-
AND
synapticsvfs75xx_firmwareMatch5.1.5.51
OR
synapticsvfs75xx_firmwareMatch5.1.337.26
OR
synapticsvfs75xx_firmwareMatch5.1.3507.26
OR
synapticsvfs75xx_firmwareMatch5.2.320.26
OR
synapticsvfs75xx_firmwareMatch5.2.524.26
OR
synapticsvfs75xx_firmwareMatch5.2.3109.26
OR
synapticsvfs75xx_firmwareMatch5.2.3530.26
OR
synapticsvfs75xx_firmwareMatch5.2.5024.26
OR
synapticsvfs75xx_firmwareMatch5.3.3541.26
OR
synapticsvfs75xx_firmwareMatch5.5.4.1116
OR
synapticsvfs75xx_firmwareMatch5.5.8.1092
OR
synapticsvfs75xx_firmwareMatch5.5.10.1100
OR
synapticsvfs75xx_firmwareMatch5.5.10.1106
OR
synapticsvfs75xx_firmwareMatch5.5.17.1099
OR
synapticsvfs75xx_firmwareMatch5.5.17.1102
OR
synapticsvfs75xx_firmwareMatch5.5.35.1058
OR
synapticsvfs75xx_firmwareMatch5.5.502.79
OR
synapticsvfs75xx_firmwareMatch5.5.512.1051
OR
synapticsvfs75xx_firmwareMatch5.5.2734.1050
OR
synapticsvfs75xx_firmwareMatch5.5.2810.1050
Node
lenovothinkpad_25Match-
AND
lenovothinkpad_25_firmwareRange<5.2.3540.26
Node
lenovothankpad_a475Match-
AND
lenovothankpad_a475_firmwareRange<5.02.3539.0026
Node
lenovothankpad_a485Match-
AND
lenovothankpad_a485_firmwareRange<5.03.3542.0026
Node
lenovothinkpad_e480Match-
AND
lenovothinkpad_e480_firmwareRange<5.2.321.26
Node
lenovothinkpad_e580Match-
AND
lenovothinkpad_e580_firmwareRange<5.2.321.26
Node
lenovothinkpad_e485Match-
AND
lenovothinkpad_e485_firmwareRange<5.2.321.26
Node
lenovothinkpad_e585Match-
AND
lenovothinkpad_e585_firmwareRange<5.2.321.26
Node
lenovothinkpad_e490s_firmwareRange<5.2.321.26
AND
lenovothinkpad_e490sMatch-
Node
lenovothinkpad_s3_firmwareRange<5.2.321.26
AND
lenovothinkpad_s3Match-
Node
lenovothinkpad_e490_firmwareRange<5.2.321.26
AND
lenovothinkpad_e490Match-
Node
lenovothinkpad_e590_firmwareRange<5.2.321.26
AND
lenovothinkpad_e590Match-
Node
lenovothinkpad_r490_firmwareRange<5.2.321.26
AND
lenovothinkpad_r490Match-
Node
lenovothinkpad_r590_firmwareRange<5.2.321.26
AND
lenovothinkpad_r590Match-
Node
lenovothinkpad_l480_firmwareRange<5.3.3542.26
AND
lenovothinkpad_l480Match-
Node
lenovothinkpad_l580_firmwareRange<5.3.3542.26
AND
lenovothinkpad_l580Match-
Node
lenovothinkpad_p1_firmwareRange<5.3.3542.26
AND
lenovothinkpad_p1Match-
Node
lenovothinkpad_p1_gen_2_firmwareRange<6.0.36.1105
AND
lenovothinkpad_p1_gen_2Match-
Node
lenovothinkpad_x1_extreme_2nd_firmwareRange<6.0.36.1105
AND
lenovothinkpad_x1_extreme_2ndMatch-
Node
lenovothinkpad_p43s_firmwareRange<6.0.36.1105
AND
lenovothinkpad_p43sMatch-
Node
lenovothinkpad_p50_firmwareRange<5.1.338.26
AND
lenovothinkpad_p50Match-
Node
lenovothinkpad_p51_firmwareRange<5.2.3540.26
AND
lenovothinkpad_p51Match-
Node
lenovothinkpad_p51s_\(20jx\)_firmwareRange<5.2.3540.26
AND
lenovothinkpad_p51s_\(20jx\)Match-
Node
lenovothinkpad_p51s_\(20kx\)_firmwareRange<5.2.3540.26
AND
lenovothinkpad_p51s_\(20kx\)Match-
Node
lenovothinkpad_p51s_\(20hx\)_firmwareRange<5.2.3540.26
AND
lenovothinkpad_p51s_\(20hx\)Match-
Node
lenovothinkpad_p52_firmwareRange<5.2.3540.26
AND
lenovothinkpad_p52Match-
Node
lenovothinkpad_p52s_firmwareRange<5.3.3542.26
AND
lenovothinkpad_p52sMatch-
Node
lenovothinkpad_p53_firmwareRange<6.0.36.1105
AND
lenovothinkpad_p53Match-
Node
lenovothinkpad_p53s_firmwareRange<6.0.36.1105
AND
lenovothinkpad_p53sMatch-
Node
lenovothinkpad_p70_firmwareRange<5.1.338.26
AND
lenovothinkpad_p70Match-
Node
lenovothinkpad_p71_\(20hx\)_firmwareRange<5.2.3540.26
AND
lenovothinkpad_p71_\(20hx\)Match-
Node
lenovothinkpad_p72_firmwareRange<5.3.3542.26
AND
lenovothinkpad_p72Match-
Node
lenovothinkpad_p73_firmwareRange<5.3.3542.26
AND
lenovothinkpad_p73Match-
Node
lenovothinkpad_t25_\(20k7\)_firmwareRange<5.2.3540.26
AND
lenovothinkpad_t25_\(20k7\)Match-
Node
lenovothinkpad_t460p_firmwareRange<5.1.338.26
AND
lenovothinkpad_t460pMatch-
Node
lenovothinkpad_t460s_firmwareRange<5.1.338.26
AND
lenovothinkpad_t460sMatch-
Node
lenovothinkpad_t470_\(20hx\)_firmwareRange<5.2.3540.26
AND
lenovothinkpad_t470_\(20hx\)Match-
Node
lenovothinkpad_t470_\(20jx\)_firmwareRange<5.2.3540.26
AND
lenovothinkpad_t470_\(20jx\)Match-
Node
lenovothinkpad_t470p_firmwareRange<5.2.3540.26
AND
lenovothinkpad_t470pMatch-
Node
lenovothinkpad_t470s_\(20hx\)_firmwareRange<5.2.3540.26
AND
lenovothinkpad_t470s_\(20hx\)Match-
Node
lenovothinkpad_t470s_\(20jx\)_firmwareRange<5.2.3540.26
AND
lenovothinkpad_t470s_\(20jx\)Match-
Node
lenovothinkpad_t480_firmwareRange<5.3.3542.26
AND
lenovothinkpad_t480Match-
Node
lenovothinkpad_t480s_firmwareRange<5.3.3542.26
AND
lenovothinkpad_t480sMatch-
Node
lenovothinkpad_t490_firmwareRange<6.0.36.1105
AND
lenovothinkpad_t490Match-
Node
lenovothinkpad_t490s_firmwareRange<6.0.36.1105
AND
lenovothinkpad_t490sMatch-
Node
lenovothinkpad_t570_\(20hx\)_firmwareRange<5.2.3540.26
AND
lenovothinkpad_t570_\(20hx\)Match-
Node
lenovothinkpad_t570\(20jx\)_firmwareRange<5.2.3540.26
AND
lenovothinkpad_t570\(20jx\)Match-
Node
lenovothinkpad_t580_firmwareRange<5.3.3542.26
AND
lenovothinkpad_t580Match-
Node
lenovothinkpad_t590_firmwareRange<6.0.36.1105
AND
lenovothinkpad_t590Match-
Node
lenovothinkpad_x1_carbon_\(20hx\)_firmwareRange<5.2.3540.26
AND
lenovothinkpad_x1_carbon_\(20hx\)Match-
Node
lenovothinkpad_x1_carbon_\(20kx\)_firmwareRange<5.3.3542.26
AND
lenovothinkpad_x1_carbon_\(20kx\)Match-
Node
lenovothinkpad_x1_carbon_firmwareRange<5.1.338.26
AND
lenovothinkpad_x1_carbonMatch-
Node
lenovothinkpad_x1_yoga_4th_gen_firmwareRange<5.1.338.26
AND
lenovothinkpad_x1_yoga_4th_genMatch-
Node
lenovothinkpad_x1_extreme_firmwareRange<5.3.3542.26
AND
lenovothinkpad_x1_extremeMatch-
Node
lenovothinkpad_x1_tablet_firmwareRange<5.5.40.1058
AND
lenovothinkpad_x1_tabletMatch-
Node
lenovothinkpad_x1_tablet_\(20jx\)_firmwareRange<5.2.227.26
AND
lenovothinkpad_x1_tablet_\(20jx\)Match-
Node
lenovothinkpad_x1_yoga_firmwareRange<5.1.338.26
AND
lenovothinkpad_x1_yogaMatch-
Node
lenovothinkpad_x1_yoga_\(20jx\)_firmwareRange<5.2.3540.26
AND
lenovothinkpad_x1_yoga_\(20jx\)Match-
Node
lenovothinkpad_x1_yoga_3rd_gen_firmwareRange<5.3.3542.26
AND
lenovothinkpad_x1_yoga_3rd_genMatch-
Node
lenovothinkpad_x270_firmwareRange<5.2.3540.26
AND
lenovothinkpad_x270Match-
Node
lenovothinkpad_x280_firmwareRange<5.3.3542.26
AND
lenovothinkpad_x280Match-
Node
lenovothinkpad_x380_yoga_firmwareRange<5.3.3542.26
AND
lenovothinkpad_x380_yogaMatch-
Node
lenovothinkpad_x390_firmwareRange<6.0.36.1105
AND
lenovothinkpad_x390Match-
Node
lenovothinkpad_x390_yoga_firmwareRange<6.0.36.1105
AND
lenovothinkpad_x390_yogaMatch-
Node
lenovothinkpad_yoga_370_firmwareRange<5.2.3540.26
AND
lenovothinkpad_yoga_370Match-
Node
lenovothinkpad_s1_3rd_firmwareRange<5.2.3540.26
AND
lenovothinkpad_s1_3rdMatch-
Node
lenovothinkpad_yoga_260_firmwareRange<5.1.338.26
AND
lenovothinkpad_yoga_260Match-
Node
lenovothinkpad_yoga_s1_firmwareRange<5.1.338.26
AND
lenovothinkpad_yoga_s1Match-
Node
lenovothinkpad_a275_firmwareRange<5.2.3535.26
AND
lenovothinkpad_a275Match-
Node
hpelite_x2_1012_g2_firmwareRange<5.2.5026.26
AND
hpelite_x2_1012_g2Match-
Node
hpelite_x2_1013_g3_firmwareRange<5.5.21.1099
AND
hpelite_x2_1013_g3Match-
Node
hpelite_x2_g4_firmwareRange<5.5.21.1099
AND
hpelite_x2_g4Match-
Node
hpelitebook_1040_g4_firmwareRange<5.2.5026.26
AND
hpelitebook_1040_g4Match-
Node
hpelitebook_1050_g1_firmwareRange<5.5.21.1099
AND
hpelitebook_1050_g1Match-
Node
hpelitebook_735_g5_firmwareRange<5.5.21.1099
AND
hpelitebook_735_g5Match-
Node
hpelitebook_735_g6_firmwareRange<5.5.21.1099
AND
hpelitebook_735_g6Match-
Node
hpelitebook_745_g5_firmwareRange<5.5.21.1099
AND
hpelitebook_745_g5Match-
Node
hpelitebook_745_g6_firmwareRange<5.5.21.1099
AND
hpelitebook_745_g6Match-
Node
hpelitebook_755_g5_firmwareRange<5.5.21.1099
AND
hpelitebook_755_g5Match-
Node
hpelitebook_830_g5_firmwareRange<5.5.21.1099
AND
hpelitebook_830_g5Match-
Node
hpelitebook_830_g6_firmwareRange<5.5.21.1099
AND
hpelitebook_830_g6Match-
Node
hpelitebook_836_g5_firmwareRange<5.5.21.1099
AND
hpelitebook_836_g5Match-
Node
hpelitebook_836_g6_firmwareRange<5.5.21.1099
AND
hpelitebook_836_g6Match-
Node
hpelitebook_840_g5_firmwareRange<5.5.21.1099
AND
hpelitebook_840_g5Match-
Node
hpelitebook_840_g5_healthcare_edition_firmwareRange<5.5.21.1099
AND
hpelitebook_840_g5_healthcare_editionMatch-
Node
hpelitebook_840_g6_firmwareRange<5.5.21.1099
AND
hpelitebook_840_g6Match-
Node
hpelitebook_840_g6_healthcare_edition_firmwareRange<5.5.21.1099
AND
hpelitebook_840_g6_healthcare_editionMatch-
Node
hpelitebook_846_g5_firmwareRange<5.5.21.1099
AND
hpelitebook_846_g5Match-
Node
hpelitebook_846_g5_healthcare_edition_firmwareRange<5.5.21.1099
AND
hpelitebook_846_g5_healthcare_editionMatch-
Node
hpelitebook_846_g6_firmwareRange<5.5.21.1099
AND
hpelitebook_846_g6Match-
Node
hpelitebook_846_g6_healthcare_edition_firmwareRange<5.5.21.1099
AND
hpelitebook_846_g6_healthcare_editionMatch-
Node
hpelitebook_850_g5_firmwareRange<5.5.21.1099
AND
hpelitebook_850_g5Match-
Node
hpelitebook_850_g6_firmwareRange<5.5.21.1099
AND
hpelitebook_850_g6Match-
Node
hpelitebook_x360_1020_g2_firmwareRange<5.2.5026.26
AND
hpelitebook_x360_1020_g2Match-
Node
hpelitebook_x360_1030_g2_firmwareRange<5.2.5026.26
AND
hpelitebook_x360_1030_g2Match-
Node
hpelitebook_x360_1030_g3_firmwareRange<5.5.21.1099
AND
hpelitebook_x360_1030_g3Match-
Node
hpelitebook_x360_1030_g4_firmwareRange<5.5.21.1099
AND
hpelitebook_x360_1030_g4Match-
Node
hpelitebook_x360_1040_g5_firmwareRange<5.5.21.1099
AND
hpelitebook_x360_1040_g5Match-
Node
hpelitebook_x360_1040_g6_firmwareRange<5.5.21.1099
AND
hpelitebook_x360_1040_g6Match-
Node
hpelitebook_x360_830_g5_firmwareRange<5.5.21.1099
AND
hpelitebook_x360_830_g5Match-
Node
hpelitebook_x360_830_g6_firmwareRange<5.5.21.1099
AND
hpelitebook_x360_830_g6Match-
Node
hppro_x2_612_g2_firmwareRange<5.2.5026.26
AND
hppro_x2_612_g2Match-
Node
hpprobook_430_g6_firmwareRange<5.5.21.1099
AND
hpprobook_430_g6Match-
Node
hpprobook_440_g6_firmwareRange<5.5.21.1099
AND
hpprobook_440_g6Match-
Node
hpprobook_445_g6_firmwareRange<5.5.21.1099
AND
hpprobook_445_g6Match-
Node
hpprobook_445r_g6_firmwareRange<5.5.21.1099
AND
hpprobook_445r_g6Match-
Node
hpprobook_450_g6_firmwareRange<5.5.21.1099
AND
hpprobook_450_g6Match-
Node
hpprobook_455_g6_firmwareRange<5.5.21.1099
AND
hpprobook_455_g6Match-
Node
hpprobook_455r_g6_firmwareRange<5.5.21.1099
AND
hpprobook_455r_g6Match-
Node
hpprobook_640_g5_firmwareRange<5.5.21.1099
AND
hpprobook_640_g5Match-
Node
hpprobook_650_g5_firmwareRange<5.5.21.1099
AND
hpprobook_650_g5Match-
Node
hpzbook_14u_g5_firmwareRange<5.5.21.1099
AND
hpzbook_14u_g5Match-
Node
hpzbook_14u_g6_firmwareRange<5.5.21.1099
AND
hpzbook_14u_g6Match-
Node
hpzbook_15_g5_firmwareRange<5.5.21.1099
AND
hpzbook_15_g5Match-
Node
hpzbook_15_g6_firmwareRange<5.5.21.1099
AND
hpzbook_15_g6Match-
Node
hpzbook_15u_g5_firmwareRange<5.5.21.1099
AND
hpzbook_15u_g5Match-
Node
hpzbook_15u_g6_firmwareRange<5.5.21.1099
AND
hpzbook_15u_g6Match-
Node
hpzbook_17_g5_firmwareRange<5.5.21.1099
AND
hpzbook_17_g5Match-
Node
hpzbook_17_g6_firmwareRange<5.5.21.1099
AND
hpzbook_17_g6Match-
Node
hpzbook_studio_g5_firmwareRange<5.5.21.1099
AND
hpzbook_studio_g5Match-
Node
hpzbook_studio_x360_g5_firmwareRange<5.5.21.1099
AND
hpzbook_studio_x360_g5Match-
Node
hpzhan_66_pro_13_g2_firmwareRange<5.5.21.1099
AND
hpzhan_66_pro_13_g2Match-
Node
hpzhan_66_pro_14_g2_firmwareRange<5.5.21.1099
AND
hpzhan_66_pro_14_g2Match-
Node
hpzhan_66_pro_15_g2_firmwareRange<5.5.21.1099
AND
hpzhan_66_pro_15_g2Match-
Node
hpzhan_x_13_g2_firmwareRange<5.5.21.1099
AND
hpzhan_x_13_g2Match-
Node
hpelite_slice_firmwareRange<5.2.3110.26
AND
hpelite_sliceMatch-
Node
hpeliteone_1000_g1_firmwareRange<5.2.5026.26
AND
hpeliteone_1000_g1Match-
Node
hpeliteone_1000_g2_firmwareRange<5.5.21.1099
AND
hpeliteone_1000_g2Match-
Node
hpmt44_firmwareRange<5.5.21.1099
AND
hpmt44Match-
Node
hpmt45_firmwareRange<5.5.21.1099
AND
hpmt45Match-
Node
hpenvy_x360_firmwareRange<5.5.26.1102
AND
hpenvy_x360Match-
Node
hppavilion_x360_firmwareRange<5.5.8.1116
AND
hppavilion_x360Match-
Node
hpspectre_x360_firmwareRange<5.5.26.1102
AND
hpspectre_x360Match-

Related

prion 1
nvd 1
hp 1
cvelist 1
lenovo 2
prion
prion
Improper access control
2020-07-22 14:15:00
nvd
nvd
CVE-2019-18618
2020-07-22 14:15:14
hp
hp
HPSBHF03674 rev. 1 - Synaptics® VFS75xx Fingerprint Sensors Equipped with External Flash
2020-07-10 00:00:00
cvelist
cvelist
CVE-2019-18618
2020-07-22 13:21:29
lenovo
lenovo
Synaptics Fingerprint Vulnerabilities - Lenovo Support US
2020-06-04 20:31:21
Synaptics Fingerprint Vulnerabilities - Lenovo Support NL
2020-06-04 20:31:21

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

6 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

6.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for CVE-2019-18618
prion1nvd1hp1cvelist1lenovo2