Control Id Idsecure Security Vulnerabilities and Issues — Control Id Idsecure CVE List

Lucene search

AssaabloyControl Id Idsecure

5 matches found

CVE•added 2023/08/03 1:15 a.m.•2497 views

CVE-2023-33371

Control ID IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and verify JWT session tokens, allowing attackers to sign arbitrary session tokens and bypass authentication.

9.8CVSS9.3AI score0.00054EPSS

CVE•added 2023/08/05 2:15 a.m.•39 views

CVE-2023-33367

A SQL injection vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing unauthenticated attackers to write PHP files on the server's root directory, resulting in remote code execution.

9.8CVSS10AI score0.01075EPSS

CVE•added 2023/08/03 1:15 a.m.•32 views

CVE-2023-33369

A path traversal vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing attackers to delete arbitrary files on IDSecure filesystem, causing a denial of service.

9.1CVSS8.9AI score0.00593EPSS

CVE•added 2025/06/24 8:15 p.m.•15 views

CVE-2025-49853

ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to SQL injections which could allow an attacker to leak arbitrary information and insert arbitrary SQL syntax into SQL queries.

9.3CVSS7.4AI score0.00045EPSS

CVE•added 2025/06/24 8:15 p.m.•11 views

CVE-2025-49851

ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to an Improper Authentication vulnerability which could allow an attacker to bypass authentication and gain permissions in the product.

9.8CVSS7.6AI score0.0007EPSS