CVE-2026-32088

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Biometric Service allows an unauthorized attacker to bypass a security feature with a physical attack...

EUVD-2026-22524

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Biometric Service allows an unauthorized attacker to bypass a security feature with a physical attack...

CVE-2026-32088

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Biometric Service allows an unauthorized attacker to bypass a security feature with a physical attack...

CVE-2026-32088

CVE-2026-32088 describes a security feature bypass in the Windows Biometric Service. Affected component: Windows Biometric Framework service on Windows. The underlying root cause is not explicitly detailed in the provided documents. CVSS metrics indicate an attacker with physical access can explo...

CVE-2026-32088 Windows Biometric Service Security Feature Bypass Vulnerability

...

Windows Biometric Service Security Feature Bypass Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Biometric Service allows an unauthorized attacker to bypass a security feature with a physical attack...

Microsoft Windows 竞争条件问题漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. The Microsoft Windows Biometric Service has a vulnerability that can lead to competitive conditions. Attackers can exploit this vulnerability to bypass certain features. The following products and...

CVE-2025-36462 Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability

Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An...

Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2025-2175 Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability November 17, 2025 CVE Number CVE-2025-36462,CVE-2025-36463,CVE-2025-36460,CVE-2025-36461 SUMMARY Multiple out-of-bounds read and write vulnerabilities...

PT-2025-47214

Name of the Vulnerable Software and Affected Versions Dell ControlVault3 versions prior to 5.15.14.19 Dell ControlVault3 Plus versions prior to 6.2.36.47 Description The software contains out-of-bounds read and write issues within the ControlVault WBDI Driver Broadcom Storage Adapter functionalit...

Dell ControlVault3 ControlVault WBDI Driver hard-coded password vulnerability

Talos Vulnerability Report TALOS-2025-2173 Dell ControlVault3 ControlVault WBDI Driver hard-coded password vulnerability November 17, 2025 CVE Number CVE-2025-31649 SUMMARY A hard-coded password vulnerability exists in the ControlVault WBDI Driver functionality of Dell ControlVault3 5.14.3.0. A...

CVE-2019-18619

Incorrect parameter validation in the synaTee component of Synaptics WBF drivers using an SGX enclave all versions prior to 2019-11-15 allows a local user to execute arbitrary code in the enclave that can compromise confidentiality of enclave data via APIs that accept invalid pointers...

CVE-2019-13603

An issue was discovered in the HID Global DigitalPersona formerly Crossmatch U.are.U 4500 Fingerprint Reader Windows Biometric Framework driver 5.0.0.5. It has a statically coded initialization vector to encrypt a user's fingerprint image, resulting in weak encryption of that. This, in combinatio...

Code injection

An issue was discovered in the HID Global DigitalPersona formerly Crossmatch U.are.U 4500 Fingerprint Reader Windows Biometric Framework driver 5.0.0.5. It has a statically coded initialization vector to encrypt a user's fingerprint image, resulting in weak encryption of that. This, in combinatio...

CVE-2019-13603

An issue was discovered in the HID Global DigitalPersona formerly Crossmatch U.are.U 4500 Fingerprint Reader Windows Biometric Framework driver 5.0.0.5. It has a statically coded initialization vector to encrypt a user's fingerprint image, resulting in weak encryption of that. This, in combinatio...

CVE-2019-13603

The CVE-2019-13603 entry concerns HID Global DigitalPersona U.are.U 4500 Fingerprint Reader Windows Biometric Framework driver 5.0.0.5. The root cause is a statically coded initialization vector used to encrypt a user’s fingerprint image, yielding weak encryption. In combination with access to an...