4 matches found
CVE-2024-23806
CVE-2024-23806 targets HID iCLASS SE reader configuration cards and related devices. The vulnerability is described as Improper Authorization (CWE-285) and can allow reading sensitive data from the configuration cards, including credential and device administrator keys. Affected products include ...
CVE-2024-22388 Insecure Default Initialization of Resource in HID Global
Certain configuration available in the communication channel for encoders could expose sensitive data when reader configuration cards are programmed. This data could include credential and device administration keys...
CISA Releases Two Industrial Control Systems Advisories
CISA released two Industrial Control Systems ICS advisories on February 6, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-037-01 HID Global Encoders ICSA-24-037-02 HID Global Reader Configuration Cards CISA...
HID Global Reader Configuration Cards
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION : Low attack complexity Vendor : HID Global Equipment : Reader Configuration Cards Vulnerability : Improper Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read the credential and device...