EUVD-2019-5042

Malware in sbrugna...

EUVD-2019-5043

Malware in sbrugna...

CVE-2019-13603

An issue was discovered in the HID Global DigitalPersona formerly Crossmatch U.are.U 4500 Fingerprint Reader Windows Biometric Framework driver 5.0.0.5. It has a statically coded initialization vector to encrypt a user's fingerprint image, resulting in weak encryption of that. This, in combinatio...

CVE-2019-13604

There is a short key vulnerability in HID Global DigitalPersona formerly Crossmatch U.are.U 4500 Fingerprint Reader v24. The key for obfuscating the fingerprint image is vulnerable to brute-force attacks. This allows an attacker to recover the key and decrypt that image using the key. Successful...

CVE-2024-23806 HID Global Reader Configuration Cards Improper Authorization

Sensitive data can be extracted from HID iCLASS SE reader configuration cards. This could include credential and device administrator keys...

CVE-2024-23806 HID Global Reader Configuration Cards Improper Authorization

Sensitive data can be extracted from HID iCLASS SE reader configuration cards. This could include credential and device administrator keys...

CVE-2024-22388 Insecure Default Initialization of Resource in HID Global

Certain configuration available in the communication channel for encoders could expose sensitive data when reader configuration cards are programmed. This data could include credential and device administration keys...

CVE-2024-22388 Insecure Default Initialization of Resource in HID Global

Certain configuration available in the communication channel for encoders could expose sensitive data when reader configuration cards are programmed. This data could include credential and device administration keys...

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on February 6, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-037-01 HID Global Encoders ICSA-24-037-02 HID Global Reader Configuration Cards CISA...

HID Global Reader Configuration Cards

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION : Low attack complexity Vendor : HID Global Equipment : Reader Configuration Cards Vulnerability : Improper Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read the credential and device...

HID Global Encoders

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION : Exploitable locally Vendor : HID Global Equipment : iCLASS SE, OMNIKEY Vulnerability : Improper Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read data from reader configuration...

HID Global OMNIKEY Security Breach

HID Global OMNIKEY is a hardware device from HID Global, Inc. It is used to read cards. A security vulnerability exists in the HID Global OMNIKEY and iCLASS SE. An attacker could exploit the vulnerability to obtain sensitive information...

PT-2024-19381 · Hid Global · Omnikey 5023 Readers +15

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns certain configurations in the communication channel for encoders that could expose sensitive data when reader configuration cards are...

HID Global HID SAFE 安全漏洞

HID Global HID SAFE is an authentication and access control solution developed by HID Global. It is a comprehensive, enterprise-class access control system designed to provide advanced authentication, access management and security auditing capabilities. A security vulnerability exists in HID...

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems ICS advisories on June 1, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-152-01 Advantech WebAccess-SCADA ICSA-23-152-02 HID Global SAFE ICSA-22-256-03 Delta...

HID Global SAFE

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: HID Global Equipment: SAFE Vulnerabilities: Modification of Assumed-Immutable Data 2. RISK EVALUATION Successful exploitation of this vulnerability could result in exposure of personal data or create a...

HID Global DigitalPersona FPSensor 代码问题漏洞

HID Global DigitalPersona is a new method of providing authentication services to users from HID Global. A code issue vulnerability exists in HID Global DigitalPersona FPSensor version 1.0.0.1, which stems from a problem with the file C:Program Files x86FPSensorinDpHost.exe, which results in an...

HID Global OMNIKEY 跨站请求伪造漏洞

HID Global OMNIKEY is a hardware device from HID Global, Inc. It is used to read cards. A security vulnerability exists in the HID OMNIKEY 5427 and OMNIKEY 5127 readers, which can be exploited by a remote attacker to upload a configuration file by convincing an authenticated user to visit a...

ActivIdentity 8.2 Unquoted Service Path

Exploit Title: ActivIdentity 8.2 - 'ac.sharedstore' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2021-03-21 Software Version : ActivIdentity 8.2 Vendor Homepage : https://www.hidglobal.com/ Tested on OS: Windows 7 Pro ActivIdentity was Acquired by HID Global in Octuber 2010...

ActivIdentity 8.2 - (ac.sharedstore) Unquoted Service Path Vulnerability

Exploit Title: ActivIdentity 8.2 - 'ac.sharedstore' Unquoted Service Path Exploit Author : SamAlucard Software Version : ActivIdentity 8.2 Vendor Homepage : https://www.hidglobal.com/ Tested on OS: Windows 7 Pro ActivIdentity was Acquired by HID Global in Octuber 2010 ActivClient is a desktop...