CVE-2021-35520
6.2
Vector
CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability: 0.3 / Impact: 5.9
Source: NVD
Description
A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows physically proximate authenticated attackers to achieve code execution, denial of services, and information disclosure via serial ports.
Affected (4)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 2.6.2 |
| Running on/with | Platform Versions |
|---|---|
Idemia Morphowave Compact Mdpi | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 2.6.2 |
| Running on/with | Platform Versions |
|---|---|
Idemia Morphowave Compact Mdpi M | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 2.6.2 |
| Running on/with | Platform Versions |
|---|---|
Idemia Visionpass Mdpi | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 2.6.2 |
| Running on/with | Platform Versions |
|---|---|
Idemia Visionpass Mdpi M | All versions |
References (6)
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Timeline
No history available yet.