Certain configuration available in the communication channel for encoders could expose sensitive data when reader configuration cards are programmed. This data could include credential and device administration keys.
References
| Link | Resource |
|---|---|
| https://support.hidglobal.com/ | Product |
| https://www.cisa.gov/news-events/ics-advisories/icsa-24-037-01 | Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
History
14 Feb 2024, 20:59
| Type | Values Removed | Values Added |
|---|---|---|
| Summary |
|
|
| CPE | cpe:2.3:h:hidglobal:iclass_se_cp1000_encoder:-:*:*:*:*:*:*:* cpe:2.3:o:hidglobal:iclass_se_processors_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:hidglobal:iclass_se_reader_modules:-:*:*:*:*:*:*:* cpe:2.3:h:hidglobal:omnikey_5127ck:-:*:*:*:*:*:*:* cpe:2.3:o:hidglobal:omnikey_5027_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:hidglobal:omnikey_5027:-:*:*:*:*:*:*:* cpe:2.3:h:hidglobal:omnikey_5427ck:-:*:*:*:*:*:*:* cpe:2.3:o:hidglobal:iclass_se_readers_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:hidglobal:iclass_se_reader_modules_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:hidglobal:iclass_se_readers:-:*:*:*:*:*:*:* cpe:2.3:o:hidglobal:iclass_se_cp1000_encoder_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:hidglobal:omnikey_5023:-:*:*:*:*:*:*:* cpe:2.3:o:hidglobal:omnikey_5023_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:hidglobal:iclass_se_processors:-:*:*:*:*:*:*:* cpe:2.3:o:hidglobal:omnikey_5427ck_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:hidglobal:omnikey_5127ck_firmware:*:*:*:*:*:*:*:* |
|
| First Time |
Hidglobal
Hidglobal iclass Se Readers Firmware Hidglobal omnikey 5127ck Hidglobal omnikey 5027 Hidglobal iclass Se Cp1000 Encoder Hidglobal omnikey 5427ck Hidglobal iclass Se Processors Firmware Hidglobal omnikey 5023 Firmware Hidglobal iclass Se Processors Hidglobal omnikey 5427ck Firmware Hidglobal omnikey 5023 Hidglobal omnikey 5027 Firmware Hidglobal omnikey 5127ck Firmware Hidglobal iclass Se Reader Modules Hidglobal iclass Se Cp1000 Encoder Firmware Hidglobal iclass Se Reader Modules Firmware Hidglobal iclass Se Readers |
|
| CWE | NVD-CWE-Other | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
| References | () https://support.hidglobal.com/ - Product | |
| References | () https://www.cisa.gov/news-events/ics-advisories/icsa-24-037-01 - Third Party Advisory, US Government Resource |
06 Feb 2024, 23:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-02-06 23:15
Updated : 2024-02-14 20:59
NVD link : CVE-2024-22388
Mitre link : CVE-2024-22388
CVE.ORG link : CVE-2024-22388
JSON object : View
Products Affected
hidglobal
- omnikey_5127ck_firmware
- omnikey_5027_firmware
- iclass_se_cp1000_encoder
- omnikey_5127ck
- iclass_se_reader_modules
- omnikey_5023_firmware
- iclass_se_cp1000_encoder_firmware
- iclass_se_processors
- omnikey_5427ck_firmware
- iclass_se_processors_firmware
- omnikey_5023
- iclass_se_readers
- omnikey_5027
- omnikey_5427ck
- iclass_se_readers_firmware
- iclass_se_reader_modules_firmware
CWE