CVE-2025-59505 Windows Smart Card Reader Elevation of Privilege Vulnerability

...

CVE-2025-59505 Windows Smart Card Reader Elevation of Privilege Vulnerability

...

CVE-2025-59505

CVE-2025-59505 is a Windows Smart Card Reader privilege-escalation vulnerability described as a double-free issue that could allow an authenticated local attacker to gain elevated privileges. The connected material confirms the CVE is categorized as a high-severity (CVSS v3.1 base 7.8) local, use...

EUVD-2025-2377

Malicious code in bioql PyPI...

CVE-2025-21312

Windows Smart Card Reader Information Disclosure Vulnerability...

CVE-2025-21312

Windows Smart Card Reader Information Disclosure Vulnerability...

CVE-2025-21312 Windows Smart Card Reader Information Disclosure Vulnerability

...

CVE-2025-21312 Windows Smart Card Reader Information Disclosure Vulnerability

...

CVE-2025-21312

CVE-2025-21312 is described as a Windows Smart Card Reader Information Disclosure vulnerability. The core technical details available across connected sources are limited to the CVE label, a CVSSv3.1 base score of 2.4 (PHYSICAL attack, low impact on confidentiality, no impact on integrity/availab...

Windows Smart Card Reader Information Disclosure Vulnerability

...

Researchers Find Way to Recover Cryptographic Keys by Analyzing LED Flickers

In what's an ingenious side-channel attack, a group of academics has found that it's possible to recover secret keys from a device by analyzing video footage of its power LED. "Cryptographic computations performed by the CPU change the power consumption of the device which affects the brightness ...

Power LED Side-Channel Attack

This is a clever new side-channel attack: The first attack uses an Internet-connected surveillance camera to take a high-speed video of the power LED on a smart card reader­--or of an attached peripheral device--­during cryptographic operations. This technique allowed the researchers to pull a...

Malware-Infested Smart Card Reader

Brian Krebs has an interesting story of a smart ID card reader with a malware-infested Windows driver, and US government employees who inadvertently buy and use them. But by all accounts, the potential attack surface here is enormous, as many federal employees clearly will purchase these readers...

Arbitrary Code Execution

qemu-kvm is vulnerable to arbitrary code execution. The vulnerability exists as a flaw was found in the way qemu-kvm handled VSCATR messages when a guest was configured for a CCID Chip/Smart Card Interface Devices USB smart card reader in passthrough mode. An attacker able to connect to the port ...

January 10, 2017—KB3213986 (OS Build 14393.693)

January 10, 2017—KB3213986 OS Build 14393.693 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Improved the reliability of Groove Music playback in the background, App-V, video playback and...

"Attach a Smart Card Reader and Insert Your Smart Card to Log On" When Using Certificate Based Authentication in Native Receiver

This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. "Attach a Smart Card Reader and Insert Your Smart Card to Log On" when using certificate based...

Attach a smart card reader and insert your smart card to log on

Failed to add store site on Citrix receiver with error "Attach a smart card reader and insert your smart card to log on". The customer did not enable smart card authentication method...

CentOS 5 : ccid (CESA-2013:1323)

An updated ccid package that fixes one security issue and one bug is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

Scientific Linux Security Update : ccid on SL5.x i386/x86_64 (20130930)

An integer overflow, leading to an array index error, was found in the way the CCID driver processed a smart card's serial number. A local attacker could use this flaw to execute arbitrary code with the privileges of the user running the PC/SC Lite pcscd daemon root, by default, by inserting a...

ccid security update

CentOS Errata and Security Advisory CESA-2013:1323 An updated ccid package that fixes one security issue and one bug is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS...