Certain configuration available in the communication channel for encoders could expose sensitive data when reader configuration cards are programmed. This data could include credential and device administration keys.
References
| Link | Resource |
|---|---|
| https://support.hidglobal.com/ | Product |
| https://www.cisa.gov/news-events/ics-advisories/icsa-24-037-01 | Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
History
14 Feb 2024, 20:59
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Hidglobal omnikey 5027 Firmware
Hidglobal omnikey 5023 Hidglobal iclass Se Readers Firmware Hidglobal omnikey 5427ck Hidglobal iclass Se Cp1000 Encoder Firmware Hidglobal iclass Se Readers Hidglobal iclass Se Processors Hidglobal iclass Se Reader Modules Hidglobal iclass Se Reader Modules Firmware Hidglobal iclass Se Processors Firmware Hidglobal omnikey 5023 Firmware Hidglobal omnikey 5127ck Firmware Hidglobal omnikey 5127ck Hidglobal omnikey 5027 Hidglobal omnikey 5427ck Firmware Hidglobal Hidglobal iclass Se Cp1000 Encoder |
|
| CWE | NVD-CWE-Other | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
| Summary |
|
|
| References | () https://support.hidglobal.com/ - Product | |
| References | () https://www.cisa.gov/news-events/ics-advisories/icsa-24-037-01 - Third Party Advisory, US Government Resource | |
| CPE | cpe:2.3:o:hidglobal:iclass_se_processors_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:hidglobal:omnikey_5027:-:*:*:*:*:*:*:* cpe:2.3:h:hidglobal:omnikey_5023:-:*:*:*:*:*:*:* cpe:2.3:h:hidglobal:iclass_se_readers:-:*:*:*:*:*:*:* cpe:2.3:h:hidglobal:iclass_se_reader_modules:-:*:*:*:*:*:*:* cpe:2.3:h:hidglobal:iclass_se_cp1000_encoder:-:*:*:*:*:*:*:* cpe:2.3:o:hidglobal:omnikey_5027_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:hidglobal:iclass_se_processors:-:*:*:*:*:*:*:* cpe:2.3:o:hidglobal:omnikey_5127ck_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:hidglobal:omnikey_5427ck_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:hidglobal:omnikey_5427ck:-:*:*:*:*:*:*:* cpe:2.3:h:hidglobal:omnikey_5127ck:-:*:*:*:*:*:*:* cpe:2.3:o:hidglobal:iclass_se_readers_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:hidglobal:omnikey_5023_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:hidglobal:iclass_se_reader_modules_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:hidglobal:iclass_se_cp1000_encoder_firmware:*:*:*:*:*:*:*:* |
06 Feb 2024, 23:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-02-06 23:15
Updated : 2024-02-14 20:59
NVD link : CVE-2024-22388
Mitre link : CVE-2024-22388
CVE.ORG link : CVE-2024-22388
JSON object : View
Products Affected
hidglobal
- iclass_se_reader_modules
- iclass_se_cp1000_encoder
- iclass_se_readers
- iclass_se_processors_firmware
- iclass_se_processors
- omnikey_5427ck_firmware
- omnikey_5023
- omnikey_5027_firmware
- omnikey_5127ck
- omnikey_5127ck_firmware
- iclass_se_reader_modules_firmware
- omnikey_5023_firmware
- omnikey_5027
- iclass_se_cp1000_encoder_firmware
- omnikey_5427ck
- iclass_se_readers_firmware
CWE