Lucene search
+L

330 matches found

Positive Technologies
Positive Technologies
added 2024/04/05 12:0 a.m.6 views

PT-2024-19953 · Synaptics +2 · Synaptics Fingerprint Readers +2

Name of the Vulnerable Software and Affected Versions: Lenovo devices with Synaptics fingerprint readers affected versions not specified Description: An authentication bypass issue was reported in Lenovo devices with Synaptics fingerprint readers. This could allow an attacker with physical access...

6.3CVSS7AI score0.0025EPSS
Exploits0References5
Lenovo
Lenovo
added 2024/03/12 4:32 p.m.10 views

Fingerprint Reader Vulnerabilities - Lenovo Support US

No description provided...

7.3AI score
Exploits0
NVD
NVD
added 2024/01/27 1:15 a.m.21 views

CVE-2023-6482

Use of encryption key derived from static information in Synaptics Fingerprint Driver allows an attacker to set up a TLS session with the fingerprint sensor and send restricted commands to the fingerprint sensor. This may allow an attacker, who has physical access to the sensor, to enroll a...

5.2CVSS5.1AI score0.00132EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/27 12:19 a.m.13 views

CVE-2023-6482 Encryption key derived from static host information

Use of encryption key derived from static information in Synaptics Fingerprint Driver allows an attacker to set up a TLS session with the fingerprint sensor and send restricted commands to the fingerprint sensor. This may allow an attacker, who has physical access to the sensor, to enroll a...

5.2CVSS6.8AI score0.00132EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/27 12:19 a.m.30 views

CVE-2023-6482 Encryption key derived from static host information

Use of encryption key derived from static information in Synaptics Fingerprint Driver allows an attacker to set up a TLS session with the fingerprint sensor and send restricted commands to the fingerprint sensor. This may allow an attacker, who has physical access to the sensor, to enroll a...

5.2CVSS5.4AI score0.00132EPSS
Exploits0References1
CVE
CVE
added 2024/01/27 12:19 a.m.83 views

CVE-2023-6482

CVE-2023-6482 affects Synaptics Fingerprint Driver. The root cause is use of an encryption key derived from static host information, enabling an attacker with physical access to set up a TLS session with the fingerprint sensor and issue restricted commands, potentially enrolling a fingerprint int...

5.2CVSS5.1AI score0.00132EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/01/27 12:0 a.m.6 views

Synaptics Fingerprint Driver Security Vulnerability

Synaptics Fingerprint Driver is a regional touch and swipe fingerprint driver from Synaptics, Inc. A security vulnerability exists in Synaptics Fingerprint Driver. An attacker exploited the vulnerability to enroll a fingerprint into a template database...

5.2CVSS6.7AI score0.00132EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2023/11/22 3:23 p.m.98 views

New Flaws in Fingerprint Sensors Let Attackers Bypass Windows Hello Login

A new research has uncovered multiple vulnerabilities that could be exploited to bypass Windows Hello authentication on Dell Inspiron 15, Lenovo ThinkPad T14, and Microsoft Surface Pro X laptops. The flaws were discovered by researchers at hardware and software product security and offensive...

6.1CVSS7AI score0.00649EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2023/10/11 5:0 p.m.13 views

CVE-2023-4936 Synaptics-DisplayLink-privilege escalation vulnerability via a dynamic library sideloading

It is possible to sideload a compromised DLL during the installation at elevated privilege...

5.5CVSS6.8AI score0.00214EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/10/11 5:0 p.m.32 views

CVE-2023-4936 Synaptics-DisplayLink-privilege escalation vulnerability via a dynamic library sideloading

It is possible to sideload a compromised DLL during the installation at elevated privilege...

5.5CVSS7.8AI score0.00214EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/10/11 12:0 a.m.6 views

Synaptics DisplayLink Graphics Code Issue Vulnerability

Synaptics DisplayLink Graphics is a graphics technology from Synaptics, Inc. Easily connect any display to any USB or Wi-Fi enabled computer. A security vulnerability exists in Synaptics DisplayLink Graphics 11.1 M1 and prior versions, which stems from an elevation of privilege vulnerability duri...

6.7CVSS7AI score0.00214EPSS
Exploits0References4
Lenovo
Lenovo
added 2023/01/06 8:18 p.m.14 views

Synaptics Fingerprint Driver Vulnerability - Lenovo Support US

No description provided...

7.1CVSS7AI score0.0026EPSS
Exploits0
OSV
OSV
added 2022/06/16 5:15 p.m.6 views

CVE-2021-3675

Improper Input Validation vulnerability in synaTEE.signed.dll of Synaptics Fingerprint Driver allows a local authorized attacker to overwrite a heap tag, with potential loss of confidentiality. This issue affects: Synaptics Synaptics Fingerprint Driver 5.1.xxx.26 versions prior to xxx=340 on...

7.1CVSS5.8AI score0.0026EPSS
Exploits0References3
NVD
NVD
added 2022/06/16 5:15 p.m.19 views

CVE-2021-3675

Improper Input Validation vulnerability in synaTEE.signed.dll of Synaptics Fingerprint Driver allows a local authorized attacker to overwrite a heap tag, with potential loss of confidentiality. This issue affects: Synaptics Synaptics Fingerprint Driver 5.1.xxx.26 versions prior to xxx=340 on...

7.1CVSS0.0026EPSS
Exploits0References3
Prion
Prion
added 2022/06/16 5:15 p.m.14 views

Input validation

Improper Input Validation vulnerability in synaTEE.signed.dll of Synaptics Fingerprint Driver allows a local authorized attacker to overwrite a heap tag, with potential loss of confidentiality. This issue affects: Synaptics Synaptics Fingerprint Driver 5.1.xxx.26 versions prior to xxx=340 on...

3.6CVSS6.7AI score0.0026EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2022/06/16 4:15 p.m.28 views

CVE-2021-3675 synaTEE.signed.dll Out-Of-Bounds Heap Write

Improper Input Validation vulnerability in synaTEE.signed.dll of Synaptics Fingerprint Driver allows a local authorized attacker to overwrite a heap tag, with potential loss of confidentiality. This issue affects: Synaptics Synaptics Fingerprint Driver 5.1.xxx.26 versions prior to xxx=340 on...

5.5CVSS6.9AI score0.0026EPSS
Exploits0References3
CVE
CVE
added 2022/06/16 4:15 p.m.80 views

CVE-2021-3675

CVE-2021-3675 affects Synaptics Fingerprint Driver’s SGX-enabled library synaTEE.signed.dll with improper input validation, enabling a local authorized attacker to overwrite a heap tag and potentially leak confidentiality. Affected versions include multiple 5.x and 6.x branches before specified b...

7.1CVSS6AI score0.0026EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2022/06/16 12:0 a.m.6 views

Synaptics Fingerprint Driver 缓冲区错误漏洞

Synaptics Fingerprint Driver is a regional touch and swipe fingerprint driver from Synaptics, Inc. The Synaptics Fingerprint Driver suffers from a buffer error vulnerability that originates from allowing a local attacker to send crafted commands to the driver's SGX Enclave to overwrite heap memor...

7.1CVSS7.4AI score0.0026EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/06/14 12:0 a.m.7 views

PT-2022-3401 · Synaptics · Synaptics Fingerprint Driver

Name of the Vulnerable Software and Affected Versions: Synaptics Fingerprint Driver versions 5.1.xxx.26 prior to xxx=340 on x86/64 Synaptics Fingerprint Driver versions 5.2.xxxx.26 prior to xxxx=3541 on x86/64 Synaptics Fingerprint Driver versions 5.2.2xx.26 prior to xx=29 on x86/64 Synaptics...

7.1CVSS6.7AI score0.0026EPSS
Exploits0References6
Hewlett-Packard
Hewlett-Packard
added 2022/06/14 12:0 a.m.18 views

Synaptics Fingerprint SGX-enabled Driver June 2022 Security Update

Synaptics has informed HP of a potential security vulnerability identified in Synaptics® Fingerprint drivers that use SGX which may allow denial of service and information disclosure. Synaptics has released mitigation for this potential vulnerability. Synaptics has released updates to mitigate th...

7.1CVSS7AI score0.0026EPSS
Exploits0Affected Software23
Rows per page
Query Builder