Unrated severityNVD Advisory· Published Dec 15, 2023· Updated Aug 2, 2024

Missing integrity check on upgrade package

CVE-2023-33217

Description

By abusing a design flaw in the firmware upgrade mechanism of the impacted terminal it's possible to cause a permanent denial of service for the terminal. the only way to recover the terminal is by sending back the terminal to the manufacturer

Affected products

Idemia/Morpho Wave Compactcpe-rescue
Range: 0
IDEMIA/MorphoWave SPv5
Range: 0
IDEMIA/SIGMA Extremev5
Range: 0
IDEMIA/SIGMA Lite & Lite +v5
Range: 0
IDEMIA/SIGMA Widev5
Range: 0
Idemia/VisionPasscpe-rescue
Range: 0

Patches

Vulnerability mechanics

References

www.idemia.com/wp-content/uploads/2023/11/Security-Advisory-SA-2023-05-2.pdfmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000