VYPR

CGFIDO

by Changing Inc.

CVEs (2)

  • CVE-2024-12839HigDec 31, 2024
    risk 0.57cvss 8.8epss 0.01

    The login mechanism via device authentication of CGFIDO from Changing Information Technology has an Authentication Bypass vulnerability. If a user visits a forged website, the agent program deployed on their device will send an authentication signature to the website. An…

  • CVE-2024-12838HigDec 31, 2024
    risk 0.57cvss 8.8epss 0.01

    The passwordless login mechanism in CGFIDO from Changing Information Technology has an Authentication Bypass vulnerability, allowing remote attackers with regular privileges to send a crafted request to switch to the identity of any user, including administrators.