CVE-2023-33217 (GCVE-0-2023-33217)
Vulnerability from cvelistv5 – Published: 2023-12-15 10:45 – Updated: 2024-08-02 15:39
VLAI?
Summary
By abusing a design flaw in the firmware upgrade mechanism of the impacted terminal it's possible to cause a permanent
denial of service for the terminal. the only way to recover the terminal is by sending back the terminal to the manufacturer
Severity ?
7.5 (High)
4.9 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| IDEMIA | SIGMA Lite & Lite + |
Affected:
0 , < 4.15.5
(custom)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:39:35.734Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.idemia.com/wp-content/uploads/2023/11/Security-Advisory-SA-2023-05-2.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SIGMA Lite \u0026 Lite +",
"vendor": "IDEMIA",
"versions": [
{
"lessThan": "4.15.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SIGMA Wide",
"vendor": "IDEMIA",
"versions": [
{
"lessThan": "4.15.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SIGMA Extreme",
"vendor": "IDEMIA",
"versions": [
{
"lessThan": "4.15.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MorphoWave Compact/XP",
"vendor": "IDEMIA",
"versions": [
{
"lessThan": "2.12.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VisionPass",
"vendor": "IDEMIA",
"versions": [
{
"lessThan": "2.12.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MorphoWave SP",
"vendor": "IDEMIA",
"versions": [
{
"lessThan": "1.2.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nBy abusing a design flaw in the firmware upgrade mechanism of the impacted terminal it\u0027s possible to cause a permanent \ndenial of service for the terminal. the only way to recover the terminal is by sending back the terminal to the manufacturer"
}
],
"value": "\nBy abusing a design flaw in the firmware upgrade mechanism of the impacted terminal it\u0027s possible to cause a permanent \ndenial of service for the terminal. the only way to recover the terminal is by sending back the terminal to the manufacturer"
}
],
"impacts": [
{
"capecId": "CAPEC-153",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-153 Input Data Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "if you have kept the default Enforced Security mode or enabled the mTLS to identify the origin of the command issued to the termina"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-15T10:45:30.637Z",
"orgId": "a87f365f-9d39-4848-9b3a-58c7cae69cab",
"shortName": "IDEMIA"
},
"references": [
{
"url": "https://www.idemia.com/wp-content/uploads/2023/11/Security-Advisory-SA-2023-05-2.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Missing integrity check on upgrade package",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "a87f365f-9d39-4848-9b3a-58c7cae69cab",
"assignerShortName": "IDEMIA",
"cveId": "CVE-2023-33217",
"datePublished": "2023-12-15T10:45:30.637Z",
"dateReserved": "2023-05-18T14:32:49.222Z",
"dateUpdated": "2024-08-02T15:39:35.734Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:idemia:sigma_lite_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.15.5\", \"matchCriteriaId\": \"983A7DAD-1995-4A8A-8714-D47D4E90ABF2\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:idemia:sigma_lite:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E2F8847F-E51A-4A64-A2D4-FCDD193E7AFA\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:idemia:sigma_lite\\\\+_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.15.5\", \"matchCriteriaId\": \"A2582E12-D19F-4660-A98C-6941C8C9081D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:idemia:sigma_lite\\\\+:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2BB49653-25EA-4F69-A1B7-0ACA58F85FF1\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:idemia:sigma_extreme_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.15.5\", \"matchCriteriaId\": \"865DE0C9-5384-45BD-AF81-5C416FCB962A\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:idemia:sigma_extreme:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4FB05B6D-7D4C-4148-A05A-751B272B0E25\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:idemia:sigma_wide_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.15.5\", \"matchCriteriaId\": \"8E2D74C2-6C83-4111-B410-E81C7414309B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:idemia:sigma_wide:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BE86F813-6021-4FEB-86A9-B7013EEB4416\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:idemia:morphowave_compact_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.12.2\", \"matchCriteriaId\": \"8BDA2ED3-4875-45EB-8489-8C6B8F44EF2A\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:idemia:morphowave_compact:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B36E662E-C713-47E5-B07E-F0D9F1C63E9D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:idemia:morphowave_xp_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.12.2\", \"matchCriteriaId\": \"AEAD097B-E5A8-492F-9ABB-75D5D15A8F9F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:idemia:morphowave_xp:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2FA7252B-5871-4A13-B41D-752A5EA276F1\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:idemia:visionpass_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.12.2\", \"matchCriteriaId\": \"1ED8DCF7-F85C-4513-BF69-5FE2D7185A96\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:idemia:visionpass:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CDABE653-294E-478C-B458-F9A1206A0E7E\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:idemia:morphowave_sp_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.2.7\", \"matchCriteriaId\": \"BF554F0F-8E5D-40A2-A676-8984AB685CEE\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:idemia:morphowave_sp:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AFD369B0-119B-497B-9353-AB5E5E267FF9\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"\\nBy abusing a design flaw in the firmware upgrade mechanism of the impacted terminal it\u0027s possible to cause a permanent \\ndenial of service for the terminal. the only way to recover the terminal is by sending back the terminal to the manufacturer\"}, {\"lang\": \"es\", \"value\": \"Al abusar de un defecto de dise\\u00f1o en el mecanismo de actualizaci\\u00f3n del firmware del terminal afectado, es posible provocar una denegaci\\u00f3n permanente de servicio para el terminal. La \\u00fanica forma de recuperar el terminal es devolvi\\u00e9ndolo al fabricante.\"}]",
"id": "CVE-2023-33217",
"lastModified": "2024-11-21T08:05:09.300",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"a87f365f-9d39-4848-9b3a-58c7cae69cab\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}]}",
"published": "2023-12-15T11:15:08.960",
"references": "[{\"url\": \"https://www.idemia.com/wp-content/uploads/2023/11/Security-Advisory-SA-2023-05-2.pdf\", \"source\": \"a87f365f-9d39-4848-9b3a-58c7cae69cab\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.idemia.com/wp-content/uploads/2023/11/Security-Advisory-SA-2023-05-2.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "a87f365f-9d39-4848-9b3a-58c7cae69cab",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"a87f365f-9d39-4848-9b3a-58c7cae69cab\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-33217\",\"sourceIdentifier\":\"a87f365f-9d39-4848-9b3a-58c7cae69cab\",\"published\":\"2023-12-15T11:15:08.960\",\"lastModified\":\"2024-11-21T08:05:09.300\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"\\nBy abusing a design flaw in the firmware upgrade mechanism of the impacted terminal it\u0027s possible to cause a permanent \\ndenial of service for the terminal. the only way to recover the terminal is by sending back the terminal to the manufacturer\"},{\"lang\":\"es\",\"value\":\"Al abusar de un defecto de dise\u00f1o en el mecanismo de actualizaci\u00f3n del firmware del terminal afectado, es posible provocar una denegaci\u00f3n permanente de servicio para el terminal. La \u00fanica forma de recuperar el terminal es devolvi\u00e9ndolo al fabricante.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"a87f365f-9d39-4848-9b3a-58c7cae69cab\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"a87f365f-9d39-4848-9b3a-58c7cae69cab\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:idemia:sigma_lite_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.15.5\",\"matchCriteriaId\":\"983A7DAD-1995-4A8A-8714-D47D4E90ABF2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:idemia:sigma_lite:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2F8847F-E51A-4A64-A2D4-FCDD193E7AFA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:idemia:sigma_lite\\\\+_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.15.5\",\"matchCriteriaId\":\"A2582E12-D19F-4660-A98C-6941C8C9081D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:idemia:sigma_lite\\\\+:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BB49653-25EA-4F69-A1B7-0ACA58F85FF1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:idemia:sigma_extreme_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.15.5\",\"matchCriteriaId\":\"865DE0C9-5384-45BD-AF81-5C416FCB962A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:idemia:sigma_extreme:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FB05B6D-7D4C-4148-A05A-751B272B0E25\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:idemia:sigma_wide_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.15.5\",\"matchCriteriaId\":\"8E2D74C2-6C83-4111-B410-E81C7414309B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:idemia:sigma_wide:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE86F813-6021-4FEB-86A9-B7013EEB4416\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:idemia:morphowave_compact_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.12.2\",\"matchCriteriaId\":\"8BDA2ED3-4875-45EB-8489-8C6B8F44EF2A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:idemia:morphowave_compact:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B36E662E-C713-47E5-B07E-F0D9F1C63E9D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:idemia:morphowave_xp_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.12.2\",\"matchCriteriaId\":\"AEAD097B-E5A8-492F-9ABB-75D5D15A8F9F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:idemia:morphowave_xp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FA7252B-5871-4A13-B41D-752A5EA276F1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:idemia:visionpass_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.12.2\",\"matchCriteriaId\":\"1ED8DCF7-F85C-4513-BF69-5FE2D7185A96\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:idemia:visionpass:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDABE653-294E-478C-B458-F9A1206A0E7E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:idemia:morphowave_sp_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.2.7\",\"matchCriteriaId\":\"BF554F0F-8E5D-40A2-A676-8984AB685CEE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:idemia:morphowave_sp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFD369B0-119B-497B-9353-AB5E5E267FF9\"}]}]}],\"references\":[{\"url\":\"https://www.idemia.com/wp-content/uploads/2023/11/Security-Advisory-SA-2023-05-2.pdf\",\"source\":\"a87f365f-9d39-4848-9b3a-58c7cae69cab\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.idemia.com/wp-content/uploads/2023/11/Security-Advisory-SA-2023-05-2.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…