Skip to main content

Visionpass Md Firmware

2 CVEs product

Monthly

CVE-2021-35522 CRITICAL PATCH Act Now

A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2, Sigma devices before 4.9.4, and MA VP MD devices before 4.9.7 allows remote attackers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Information Disclosure Morphowave Compact Mdpi Firmware +9
NVD
CVSS 3.1
9.8
EPSS
3.7%
CVE-2021-35521 MEDIUM PATCH This Month

A path traversal in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows remote authenticated attackers to achieve denial of services and information. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable.

Path Traversal Information Disclosure Morphowave Compact Mdpi Firmware Morphowave Compact Mdpi M Firmware Visionpass Mdpi Firmware +3
NVD
CVSS 3.1
5.9
EPSS
1.4%
EPSS 4% CVSS 9.8
CRITICAL PATCH Act Now

A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2, Sigma devices before 4.9.4, and MA VP MD devices before 4.9.7 allows remote attackers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption +11
NVD
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

A path traversal in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows remote authenticated attackers to achieve denial of services and information. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable.

Path Traversal Information Disclosure Morphowave Compact Mdpi Firmware +5
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy