CVE-2024-0454

ELAN Match-on-Chip FPR solution has design fault about potential risk of valid SID leakage and enumeration with spoof sensor. This fault leads to that Windows Hello recognition would be bypass with cloning SID to cause broken account identity. Version which is lower than...

CVE-2024-0454 Security Vulnerability on Match-on-Chip FPR Architecture

ELAN Match-on-Chip FPR solution has design fault about potential risk of valid SID leakage and enumeration with spoof sensor. This fault leads to that Windows Hello recognition would be bypass with cloning SID to cause broken account identity. Version which is lower than...

CVE-2024-0454

The CVE-2024-0454 issue affects Dell EMC ELAN Match-on-Chip FPR solutions, where a design fault can cause valid SID leakage and enumeration with a spoof sensor, enabling bypass of Windows Hello by cloning the SID to break account identity on the Dell Inspiron platform. Documented affected version...

PT-2024-15573 · Microsoft +1 · Windows Shell +1

Name of the Vulnerable Software and Affected Versions: ELAN Match-on-Chip FPR solution versions prior to 3.0.12011.08009 Legacy ELAN Match-on-Chip FPR solution versions prior to 3.3.12011.08103 ESS Description: The ELAN Match-on-Chip FPR solution has a design fault that poses a potential risk of...

Dell EMC ELAN Match-on-Chip FPR solution Security Vulnerability

The Dell EMC ELAN Match-on-Chip FPR solution is an on-chip match-on-chip FPR solution from Dell USA. A security vulnerability exists in previous versions of the Dell EMC ELAN Match-on-Chip FPR solution 3.0.12011.08009 Legacy/3.3.12011.08103 ESS, which stems from a SID leakage vulnerability that c...

New Flaws in Fingerprint Sensors Let Attackers Bypass Windows Hello Login

A new research has uncovered multiple vulnerabilities that could be exploited to bypass Windows Hello authentication on Dell Inspiron 15, Lenovo ThinkPad T14, and Microsoft Surface Pro X laptops. The flaws were discovered by researchers at hardware and software product security and offensive...