Anviz CrossChex access control management software 4.3.8.0 and 4.3.12 is vulnerable to a buffer overflow...
9.8CVSS
9.6AI Score
0.65EPSS
Anviz access control devices allow unverified password change which allows remote attackers to change the administrator password without prior...
9.8CVSS
9.5AI Score
0.02EPSS
Anviz access control devices perform cleartext transmission of sensitive information (passwords/pins and names) when replying to query on port...
7.5CVSS
7.4AI Score
0.002EPSS
Anviz access control devices expose private Information (pin code and name) by allowing remote attackers to query this information without credentials via port...
5.3CVSS
5.5AI Score
0.002EPSS
The Anviz Management System for access control has insufficient logging for device events such as door open...
7.5CVSS
7.5AI Score
0.001EPSS
Anviz access control devices expose credentials (names and passwords) by allowing remote attackers to query this information without credentials via port...
7.5CVSS
7.5AI Score
0.007EPSS
9.8CVSS
9.4AI Score
0.014EPSS
Anviz access control devices are vulnerable to replay attacks which could allow attackers to intercept and replay open door...
7.5CVSS
7.5AI Score
0.001EPSS
Anviz Global M3 Outdoor RFID Access Control executes any command received from any source. No authentication/encryption is done. Attackers can fully interact with the device: for example, send the "open door" command, download the users list (which includes RFID codes and passcodes in cleartext),.....
9.8CVSS
9.2AI Score
0.005EPSS