Design/Logic Flaw

2020-09-1514:15:00

PRIOn knowledge base

www.prio-n.com

4.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

30.6%

JSON

On controllers running versions of v8.20 prior to vCR8.20.200221b (distributed in v8.20.1093(MR2)), v8.10 prior to vGR8.10.179 (distributed in v8.10.1211(MR5)), v8.00 prior to vGR8.00.165 (Distributed in v8.00.1228(MR6)), v7.90 prior to vGR7.90.165 (distributed in v7.90.1038(MRX)), v7.80 or earlier, It is possible to retrieve site keys used for securing MIFARE Plus and Desfire using debug ports on T Series readers.

CPENameOperatorVersion
command_centrege8.20
command_centrelt8.20.1093
command_centreeq8.20.1093
command_centreeq8.10.1211
command_centrege8.10
command_centrelt8.10.1211
command_centreeq8.00.1228
command_centrege8.00
command_centrelt8.00.1228
command_centreeq7.90.1038

Name	Operator	Version
command_centre	ge	8.20
command_centre	lt	8.20.1093
command_centre	eq	8.20.1093
command_centre	eq	8.10.1211
command_centre	ge	8.10
command_centre	lt	8.10.1211
command_centre	eq	8.00.1228
command_centre	ge	8.00
command_centre	lt	8.00.1228
command_centre	eq	7.90.1038