CVE-2024-37990

A vulnerability has been identified in SIMATIC Reader RF610R CMIIT 6GT2811-6BC10-2AA0 All versions V4.2, SIMATIC Reader RF610R ETSI 6GT2811-6BC10-0AA0 All versions V4.2, SIMATIC Reader RF610R FCC 6GT2811-6BC10-1AA0 All versions V4.2, SIMATIC Reader RF615R CMIIT 6GT2811-6CC10-2AA0 All versions V4....

Default configuration

Sensitive data can be extracted from HID iCLASS SE reader configuration cards. This could include credential and device administrator keys...

CVE-2024-23806

CVE-2024-23806 targets HID iCLASS SE reader configuration cards and related devices. The vulnerability is described as Improper Authorization (CWE-285) and can allow reading sensitive data from the configuration cards, including credential and device administrator keys. Affected products include ...

CVE-2024-22388

Certain configuration available in the communication channel for encoders could expose sensitive data when reader configuration cards are programmed. This data could include credential and device administration keys...

CVE-2024-22388 Insecure Default Initialization of Resource in HID Global

Certain configuration available in the communication channel for encoders could expose sensitive data when reader configuration cards are programmed. This data could include credential and device administration keys...

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on February 6, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-037-01 HID Global Encoders ICSA-24-037-02 HID Global Reader Configuration Cards CISA...

HID Global Reader Configuration Cards

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION : Low attack complexity Vendor : HID Global Equipment : Reader Configuration Cards Vulnerability : Improper Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read the credential and device...