4 matches found
CVE-2017-20040
The CVE-2017-20040 entry concerns SICUNET Access Controller 0.32-05z, specifically the Password Storage component. The vulnerability is described as enabling weak encryption due to manipulation of password storage, with exploitation requiring local access. No explicit exploit details, affected ve...
CVE-2017-20037
CVE-2017-20037 affects SICUNET Access Controller 0.32-05z. The vulnerability stems from an issue with an argument c that, when manipulated, leads to privilege escalation. The attack can be launched remotely. The connected references consistently describe an unknown affected functionality and clas...
CVE-2017-20038
SICUNET Access Controller 0.32-05z contains a vulnerability in card_scan_decoder.php where manipulating the No/door parameter leads to privilege escalation. The attack may be launched remotely, giving an attacker network-accessed, unauthorized privilege elevation with partial confidentiality/inte...
CVE-2017-20039
The CVE-2017-20039 entry refers to SICUNET Access Controller 0.32-05z. Affected component: system’s authentication mechanism; root cause: weak authentication that can be triggered remotely. Impact: high risk due to remote exploit potential and partial confidentiality/integrity/availability impact...