VYPR

DigitalPersona U.are.U 4500 Fingerprint Reader

by HID Global

CVEs (2)

  • CVE-2019-13603MedJul 16, 2019
    risk 0.38cvss 5.9epss 0.01

    An issue was discovered in the HID Global DigitalPersona (formerly Crossmatch) U.are.U 4500 Fingerprint Reader Windows Biometric Framework driver 5.0.0.5. It has a statically coded initialization vector to encrypt a user's fingerprint image, resulting in weak encryption of that.…

  • CVE-2019-13604MedJul 15, 2019
    risk 0.38cvss 5.9epss 0.01

    There is a short key vulnerability in HID Global DigitalPersona (formerly Crossmatch) U.are.U 4500 Fingerprint Reader v24. The key for obfuscating the fingerprint image is vulnerable to brute-force attacks. This allows an attacker to recover the key and decrypt that image using…