Known Vulnerabilities for products from Assaabloy
Listed below are 15 of the newest known vulnerabilities associated with the vendor "Assaabloy".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Assaabloy can be found at device.report : Assaabloy
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-3315 json | Incorrect Default Permissions, : Execution with Unnecessary Privileges, : Incorrect Permission Assignment for Critical Resour... | Not Provided | 2026-03-10 | 2026-05-07 |
| CVE-2023-33371 json | Control ID IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and verify JWT session tokens, all... | 9.8 - CRITICAL | 2023-08-03 | 2023-08-05 |
| CVE-2023-33370 json | An uncaught exception vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing attackers to cause the main we... | 7.5 - HIGH | 2023-08-03 | 2023-08-07 |
| CVE-2023-33369 json | A path traversal vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing attackers to delete arbitrary files... | 9.1 - CRITICAL | 2023-08-03 | 2023-08-07 |
| CVE-2023-33368 json | Some API routes exists in Control ID IDSecure 4.7.26.0 and prior, exfiltrating sensitive information and passwords to users a... | 6.5 - MEDIUM | 2023-08-03 | 2023-08-04 |
| CVE-2023-33367 json | A SQL injection vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing unauthenticated attackers to write P... | 9.8 - CRITICAL | 2023-08-05 | 2023-08-09 |
| CVE-2023-26943 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2023-12-05 | 2024-01-16 |
| CVE-2023-26942 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2023-12-05 | 2024-01-16 |
| CVE-2023-26941 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2023-12-05 | 2024-01-16 |
| CVE-2023-4392 json | A vulnerability was found in Control iD Gerencia Web 1.30 and classified as problematic. Affected by this issue is some unkno... | 5.3 - MEDIUM | 2023-08-17 | 2023-11-07 |
| CVE-2023-2044 json | A vulnerability has been found in Control iD iDSecure 4.7.29.1 and classified as problematic. This vulnerability affects unkn... | 6.1 - MEDIUM | 2023-04-14 | 2023-11-07 |
| CVE-2023-2043 json | A vulnerability, which was classified as problematic, was found in Control iD RHiD 23.3.19.0. This affects an unknown part of... | 9.8 - CRITICAL | 2023-04-14 | 2023-11-07 |
| CVE-2020-23826 json | ** DISPUTED ** The Yale WIPC-303W 2.21 through 2.31 camera is vulnerable to remote command execution (RCE) through command in... | 8.8 - HIGH | 2021-01-26 | 2023-11-07 |
| CVE-2020-10176 json | ASSA ABLOY Yale WIPC-301W 2.x.2.29 through 2.x.2.43_p1 devices allow Eval Injection of commands. | 9.8 - CRITICAL | 2020-05-07 | 2022-04-28 |
| CVE-2019-13604 json | There is a short key vulnerability in HID Global DigitalPersona (formerly Crossmatch) U.are.U 4500 Fingerprint Reader v24. Th... | 5.9 - MEDIUM | 2019-07-15 | 2020-08-24 |
Known software with vulnerabilities from Assaabloy
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Assaabloy | Yale Wipc-301w | - |
| Operating System | Assaabloy | Yale Wipc-301w Firmware | 2.x.2.29 |