CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
20.6%
An attacker with physical access to the Kantech Gen1 ioSmart card reader with firmware version prior to 1.07.02 in certain circumstances can recover the reader’s communication memory between the card and reader.
Vendor | Product | Version | CPE |
---|---|---|---|
johnsoncontrols | iosmart_gen_1_firmware | * | cpe:2.3:o:johnsoncontrols:iosmart_gen_1_firmware:*:*:*:*:*:*:*:* |
johnsoncontrols | iosmart_gen_1 | - | cpe:2.3:h:johnsoncontrols:iosmart_gen_1:-:*:*:*:*:*:*:* |