CVE-2025-59505 Windows Smart Card Reader Elevation of Privilege Vulnerability

...

CVE-2025-59505

CVE-2025-59505 is a Windows Smart Card Reader privilege-escalation vulnerability described as a double-free issue that could allow an authenticated local attacker to gain elevated privileges. The connected material confirms the CVE is categorized as a high-severity (CVSS v3.1 base 7.8) local, use...

CVE-2025-59505 Windows Smart Card Reader Elevation of Privilege Vulnerability

...

EUVD-2025-2377

Malicious code in bioql PyPI...

The vulnerability of the SmartCardReader class in the Smart Cards for Windows service (formerly known as Smart Card Resource Manager) on Windows operating systems allows a malicious individual to disclose protected information.

The vulnerability of the SmartCardReader class in the Smart Cards for Windows service previously known as Smart Card Resource Manager in Windows operating systems is related to the use of an uninitialized resource. Exploiting this vulnerability could allow an attacker to disclose sensitive...

CVE-2025-21312

Windows Smart Card Reader Information Disclosure Vulnerability...

CVE-2025-21312

Windows Smart Card Reader Information Disclosure Vulnerability...

CVE-2025-21312 Windows Smart Card Reader Information Disclosure Vulnerability

...

CVE-2025-21312 Windows Smart Card Reader Information Disclosure Vulnerability

...

CVE-2025-21312

CVE-2025-21312 is described as a Windows Smart Card Reader Information Disclosure vulnerability. The core technical details available across connected sources are limited to the CVE label, a CVSSv3.1 base score of 2.4 (PHYSICAL attack, low impact on confidentiality, no impact on integrity/availab...

Windows Smart Card Reader Information Disclosure Vulnerability

...

The vulnerability of the USB CCID component of the VMware Workstation virtualization platform and the VMware Fusion hypervisor allows a hacker to disclose protected information.

The vulnerability of the USB CCID component of the VMware Workstation virtualization platform and the VMware Fusion hypervisor is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information that i...

Researchers Find Way to Recover Cryptographic Keys by Analyzing LED Flickers

In what's an ingenious side-channel attack, a group of academics has found that it's possible to recover secret keys from a device by analyzing video footage of its power LED. "Cryptographic computations performed by the CPU change the power consumption of the device which affects the brightness ...

Power LED Side-Channel Attack

This is a clever new side-channel attack: The first attack uses an Internet-connected surveillance camera to take a high-speed video of the power LED on a smart card reader­--or of an attached peripheral device--­during cryptographic operations. This technique allowed the researchers to pull a...

Malware-Infested Smart Card Reader

Brian Krebs has an interesting story of a smart ID card reader with a malware-infested Windows driver, and US government employees who inadvertently buy and use them. But by all accounts, the potential attack surface here is enormous, as many federal employees clearly will purchase these readers...

Arbitrary Code Execution

qemu-kvm is vulnerable to arbitrary code execution. The vulnerability exists as a flaw was found in the way qemu-kvm handled VSCATR messages when a guest was configured for a CCID Chip/Smart Card Interface Devices USB smart card reader in passthrough mode. An attacker able to connect to the port ...

January 10, 2017—KB3213986 (OS Build 14393.693)

January 10, 2017—KB3213986 OS Build 14393.693 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Improved the reliability of Groove Music playback in the background, App-V, video playback and...

"Attach a Smart Card Reader and Insert Your Smart Card to Log On" When Using Certificate Based Authentication in Native Receiver

This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. "Attach a Smart Card Reader and Insert Your Smart Card to Log On" when using certificate based...

Attach a smart card reader and insert your smart card to log on

Failed to add store site on Citrix receiver with error "Attach a smart card reader and insert your smart card to log on". The customer did not enable smart card authentication method...

CentOS 5 : ccid (CESA-2013:1323)

An updated ccid package that fixes one security issue and one bug is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...