VYPR
Vendor

HID Global

Products
4
CVEs
5
Across products
5
Status
Private

Products

4

Recent CVEs

5
  • CVE-2020-36283CriMar 24, 2021
    risk 0.62cvss 9.6epss 0.01

    HID OMNIKEY 5427 and OMNIKEY 5127 readers are vulnerable to CSRF when using the EEM driver (Ethernet Emulation Mode). By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to upload a configuration file to the…

  • CVE-2024-22388MedFeb 6, 2024
    risk 0.38cvss 5.9epss 0.00

    Certain configuration available in the communication channel for encoders could expose sensitive data when reader configuration cards are programmed. This data could include credential and device administration keys.

  • CVE-2019-13603MedJul 16, 2019
    risk 0.38cvss 5.9epss 0.01

    An issue was discovered in the HID Global DigitalPersona (formerly Crossmatch) U.are.U 4500 Fingerprint Reader Windows Biometric Framework driver 5.0.0.5. It has a statically coded initialization vector to encrypt a user's fingerprint image, resulting in weak encryption of that.…

  • CVE-2019-13604MedJul 15, 2019
    risk 0.38cvss 5.9epss 0.01

    There is a short key vulnerability in HID Global DigitalPersona (formerly Crossmatch) U.are.U 4500 Fingerprint Reader v24. The key for obfuscating the fingerprint image is vulnerable to brute-force attacks. This allows an attacker to recover the key and decrypt that image using…

  • CVE-2024-23806MedFeb 7, 2024
    risk 0.34cvss 5.3epss 0.00

    Sensitive data can be extracted from HID iCLASS SE reader configuration cards. This could include credential and device administrator keys.