CVE-2024-23806 – HID Global Reader Configuration Cards Improper Authorization
https://notcve.org/view.php?id=CVE-2024-23806
Sensitive data can be extracted from HID iCLASS SE reader configuration cards. This could include credential and device administrator keys. Se pueden extraer datos confidenciales de las tarjetas de configuración del lector HID iCLASS SE. Esto podría incluir claves de administrador de dispositivos y credenciales. • https://https://www.cisa.gov/news-events/ics-advisories/icsa-24-037-02 https://www.hidglobal.com/support https://www.cisa.gov/news-events/ics-advisories/icsa-24-037-02 • CWE-285: Improper Authorization CWE-287: Improper Authentication •
CVE-2024-22388 – Insecure Default Initialization of Resource in HID Global
https://notcve.org/view.php?id=CVE-2024-22388
Certain configuration available in the communication channel for encoders could expose sensitive data when reader configuration cards are programmed. This data could include credential and device administration keys. Cierta configuración disponible en el canal de comunicación para codificadores podría exponer datos confidenciales cuando se programan las tarjetas de configuración del lector. Estos datos podrían incluir claves de administración de dispositivos y credenciales. • https://support.hidglobal.com https://www.cisa.gov/news-events/ics-advisories/icsa-24-037-01 • CWE-285: Improper Authorization CWE-1188: Initialization of a Resource with an Insecure Default •
CVE-2023-2904 – CVE-2023-2904
https://notcve.org/view.php?id=CVE-2023-2904
The External Visitor Manager portal of HID’s SAFE versions 5.8.0 through 5.11.3 are vulnerable to manipulation within web fields in the application programmable interface (API). An attacker could log in using account credentials available through a request generated by an internal user and then manipulate the visitor-id within the web API to access the personal data of other users. There is no limit on the number of requests that can be made to the HID SAFE Web Server, so an attacker could also exploit this vulnerability to create a denial-of-service condition. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-152-02 • CWE-471: Modification of Assumed-Immutable Data (MAID) •
CVE-2022-31486 – Command injection via Advanced Networking route add functionality
https://notcve.org/view.php?id=CVE-2022-31486
An authenticated attacker can send a specially crafted route to the “edit_route.cgi” binary and have it execute shell commands. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.303 for the LP series and 1.297 for the EP series. An attacker with this level of access on the device can monitor all communications sent to and from this device, modify onboard relays, change configuration files, or cause the device to become unstable. Un atacante autenticado puede enviar una ruta especialmente diseñada al binario "edit_route.cgi" y hacer que ejecute comandos de shell. Esta vulnerabilidad afecta a los productos basados en los controladores inteligentes HID Mercury LP1501, LP1502, LP2500, LP4502 y EP4502 que contienen versiones de firmware anteriores a 1.303 para la serie LP y 1.297 para la serie EP. • https://www.corporate.carrier.com/product-security/advisories-resources • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2022-31485 – Unauthenticated homepage note modification
https://notcve.org/view.php?id=CVE-2022-31485
An unauthenticated attacker can send a specially crafted packets to update the “notes” section of the home page of the web interface. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.29. Un atacante no autenticado puede enviar un paquete especialmente diseñado para actualizar la sección "notes" de la página de inicio de la interfaz web. Esta vulnerabilidad afecta a los productos basados en los controladores inteligentes HID Mercury LP1501, LP1502, LP2500, LP4502 y EP4502 que contienen versiones de firmware anteriores a 1.29 • https://www.corporate.carrier.com/product-security/advisories-resources • CWE-425: Direct Request ('Forced Browsing') •