CVE-2021-35520
Summary
| CVE | CVE-2021-35520 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-07-22 12:15:00 UTC |
| Updated | 2021-08-06 13:37:00 UTC |
| Description | A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows physically proximate authenticated attackers to achieve code execution, denial of services, and information disclosure via serial ports. |
Risk And Classification
Problem Types: CWE-787
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Idemia | Morphowave Compact Mdpi | - | All | All | All |
| Hardware | Idemia | Morphowave Compact Mdpi-m | - | All | All | All |
| Operating System | Idemia | Morphowave Compact Mdpi-m Firmware | All | All | All | All |
| Operating System | Idemia | Morphowave Compact Mdpi Firmware | All | All | All | All |
| Hardware | Idemia | Visionpass Mdpi | - | All | All | All |
| Hardware | Idemia | Visionpass Mdpi-m | - | All | All | All |
| Operating System | Idemia | Visionpass Mdpi-m Firmware | All | All | All | All |
| Operating System | Idemia | Visionpass Mdpi Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| The global leader in Augmented Identity | IDEMIA | MISC | www.idemia.com | |
| IDEMIA Biometric Devices Portal | MISC | biometricdevices.idemia.com | |
| IDEMIA Biometric Devices Portal | MISC | biometricdevices.idemia.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.