CVE-2022-40633

A malicious actor can clone access cards used to open control cabinets secured with Rittal CMC III locks...

CVE-2025-25650

An issue in the storage of NFC card data in Dorset DG 201 Digital Lock H5433WBSKv2.2220605 allows attackers to produce cloned NFC cards to bypass authentication...

CVE-2025-25650

CVE-2025-25650 affects Dorset DG 201 Digital Lock H5_433WBSK_v2.2_220605. The vulnerability is in the storage of NFC card data, described as an improper storage of NFC card data, which could allow attackers to produce cloned NFC cards to bypass authentication. The Connected documents corroborate ...

How easily access cards can be cloned and why your PACS might be vulnerable

TL;DR Access cards can be cloned There are practical measures to make card cloning difficult Practical guidance on how these systems work and why you should make sure they’re configured right What is a physical access control system? A physical access control system, or PACS, is the system that...

The vulnerability of the central control module of the Rittal CMC III system, due to deficiencies in access control, allows unauthorized access by intruders to protected information and enhances their privileges.

The vulnerability of the central control block of the Rittal CMC III system is related to deficiencies in access control. Exploiting this vulnerability could allow an intruder to gain unauthorized access to protected information and enhance their privileges by cloning the access card used to open...

PT-2022-6465 · Rittal · Rittal Cmc Pu Iii

Name of the Vulnerable Software and Affected Versions: Rittal CMC III affected versions not specified Description: The issue is related to inadequate access control in the Rittal CMC III central control unit, which can be exploited by an attacker to gain unauthorized access to protected informati...

Prilex: the pricey prickle credit card complex

Prilex is a Brazilian threat actor that has evolved out of ATM-focused malware into modular point-of-sale malware. The group was behind one of the largest attacks on ATMs in the country, infecting and jackpotting more than 1,000 machines, while also cloning in excess of 28,000 credit cards that...

Security Issues in PoS Terminals Open Consumers to Fraud

Researchers are detailing widespread security issues in point-of-sale PoS terminals – specifically, three terminal device families manufactured by vendors Verifone and Ingenico. Click to register. The issues, which have been disclosed to the vendors and since patched, open several popular PoS...

An Android App for RFID Card Cloning: Project Walrus

Walrus is an Android app that simplifies using several existing contactless card cloning devices during red team engagements and physical security assessments. It offers a common interface and database for storing cloned cards. Currently, Walrus supports the industry standard Proxmark 3, Chameleo...

Breach at Sonic Drive-In May Have Impacted Millions of Credit, Debit Cards

Sonic Drive-In, a fast-food chain with nearly 3,600 locations across 45 U.S. states, has acknowledged a breach affecting an unknown number of store payment systems. The ongoing breach may have led to a fire sale on millions of stolen credit and debit card accounts that are now being peddled in...

Beware of Skimming Devices Installed on the ATM Vestibule Doors

Despite anti-skimmer ATM Lobby access control system available in the market, we have seen a number of incidents in recent years where criminals used card skimmers at ATM doors. Few years back, cyber criminals started using card skimmers on the door of the ATM vestibule, where customers have to...

Pre-Play Vulnerability Allows Chip-and-PIN Payment Card Cloning

In March this year, we reported that the major card distributor companies, VISA and Mastercard are migrating to EMV chip cards, also known as PIN-and-Chip cards. Unlike traditional magnetic stripe payment cards, EMV chip cards generates a unique code for every transaction, making it nearly...

NXP Semiconductors MIFARE Classic智能卡存在多个未明安全漏洞

BUGTRAQ ID: 30668 CNCAN ID：CNCAN-2008081409 NXP Semiconductors MIFARE是一款一卡通常用的芯片解决方案。 MIFARE智能卡存在多个未明安全问题，攻击者可以利用漏洞克隆卡或伪造未授权卡。 作者将在DEFCON上进行演讲。目前没有详细漏洞细节提供 NXP Semiconductors MiFARE Classic 目前没有解决方案提供： http://www.nxp.com/...