CVE-2021-35522
 
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2, Sigma devices before 4.9.4, and MA VP MD devices before 4.9.7 allows remote attackers to achieve code execution, denial of services, and information disclosure via TCP/IP packets.
Un desbordamiento del búfer en los manejadores de comandos Thrift en los dispositivos IDEMIA Morpho Wave Compact y VisionPass versiones anteriores a 2.6.2, los dispositivos Sigma versiones anteriores a 4.9.4 y los dispositivos MA VP MD versiones anteriores a 4.9.7, permite a atacantes remotos lograr una ejecución de código, denegación de servicios y divulgación de información por medio de paquetes TCP/IP
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-06-28 CVE Reserved
- 2021-07-22 CVE Published
- 2024-08-04 CVE Updated
- 2024-09-22 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-787: Out-of-bounds Write
CAPEC
References (3)
URL | Tag | Source |
---|---|---|
https://www.idemia.com | Product |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Idemia Search vendor "Idemia" | Morphowave Compact Mdpi Firmware Search vendor "Idemia" for product "Morphowave Compact Mdpi Firmware" | < 2.6.2 Search vendor "Idemia" for product "Morphowave Compact Mdpi Firmware" and version " < 2.6.2" | - |
Affected
| in | Idemia Search vendor "Idemia" | Morphowave Compact Mdpi Search vendor "Idemia" for product "Morphowave Compact Mdpi" | - | - |
Safe
|
Idemia Search vendor "Idemia" | Morphowave Compact Mdpi-m Firmware Search vendor "Idemia" for product "Morphowave Compact Mdpi-m Firmware" | < 2.6.2 Search vendor "Idemia" for product "Morphowave Compact Mdpi-m Firmware" and version " < 2.6.2" | - |
Affected
| in | Idemia Search vendor "Idemia" | Morphowave Compact Mdpi-m Search vendor "Idemia" for product "Morphowave Compact Mdpi-m" | - | - |
Safe
|
Idemia Search vendor "Idemia" | Visionpass Mdpi Firmware Search vendor "Idemia" for product "Visionpass Mdpi Firmware" | < 2.6.2 Search vendor "Idemia" for product "Visionpass Mdpi Firmware" and version " < 2.6.2" | - |
Affected
| in | Idemia Search vendor "Idemia" | Visionpass Mdpi Search vendor "Idemia" for product "Visionpass Mdpi" | - | - |
Safe
|
Idemia Search vendor "Idemia" | Visionpass Mdpi-m Firmware Search vendor "Idemia" for product "Visionpass Mdpi-m Firmware" | < 2.6.2 Search vendor "Idemia" for product "Visionpass Mdpi-m Firmware" and version " < 2.6.2" | - |
Affected
| in | Idemia Search vendor "Idemia" | Visionpass Mdpi-m Search vendor "Idemia" for product "Visionpass Mdpi-m" | - | - |
Safe
|
Idemia Search vendor "Idemia" | Visionpass Md Firmware Search vendor "Idemia" for product "Visionpass Md Firmware" | - | - |
Affected
| in | Idemia Search vendor "Idemia" | Visionpass Md Search vendor "Idemia" for product "Visionpass Md" | 2.6.2 Search vendor "Idemia" for product "Visionpass Md" and version "2.6.2" | - |
Safe
|
Idemia Search vendor "Idemia" | Morphowave Compact Md Firmware Search vendor "Idemia" for product "Morphowave Compact Md Firmware" | - | - |
Affected
| in | Idemia Search vendor "Idemia" | Morphowave Compact Md Search vendor "Idemia" for product "Morphowave Compact Md" | 2.6.2 Search vendor "Idemia" for product "Morphowave Compact Md" and version "2.6.2" | - |
Safe
|
Idemia Search vendor "Idemia" | Sigma Lite Firmware Search vendor "Idemia" for product "Sigma Lite Firmware" | - | - |
Affected
| in | Idemia Search vendor "Idemia" | Sigma Lite Search vendor "Idemia" for product "Sigma Lite" | 4.9.4 Search vendor "Idemia" for product "Sigma Lite" and version "4.9.4" | - |
Safe
|
Idemia Search vendor "Idemia" | Sigma Lite\+ Firmware Search vendor "Idemia" for product "Sigma Lite\+ Firmware" | - | - |
Affected
| in | Idemia Search vendor "Idemia" | Sigma Lite\+ Search vendor "Idemia" for product "Sigma Lite\+" | 4.9.4 Search vendor "Idemia" for product "Sigma Lite\+" and version "4.9.4" | - |
Safe
|
Idemia Search vendor "Idemia" | Sigma Wide Firmware Search vendor "Idemia" for product "Sigma Wide Firmware" | - | - |
Affected
| in | Idemia Search vendor "Idemia" | Sigma Wide Search vendor "Idemia" for product "Sigma Wide" | 4.9.4 Search vendor "Idemia" for product "Sigma Wide" and version "4.9.4" | - |
Safe
|
Idemia Search vendor "Idemia" | Sigma Extreme Firmware Search vendor "Idemia" for product "Sigma Extreme Firmware" | - | - |
Affected
| in | Idemia Search vendor "Idemia" | Sigma Extreme Search vendor "Idemia" for product "Sigma Extreme" | 4.9.4 Search vendor "Idemia" for product "Sigma Extreme" and version "4.9.4" | - |
Safe
|
Idemia Search vendor "Idemia" | Ma Vp Md Firmware Search vendor "Idemia" for product "Ma Vp Md Firmware" | - | - |
Affected
| in | Idemia Search vendor "Idemia" | Ma Vp Md Search vendor "Idemia" for product "Ma Vp Md" | 4.9.7 Search vendor "Idemia" for product "Ma Vp Md" and version "4.9.7" | - |
Safe
|
Idemia Search vendor "Idemia" | Visionpass Md Firmware Search vendor "Idemia" for product "Visionpass Md Firmware" | - | - |
Affected
| in | Idemia Search vendor "Idemia" | Visionpass Md Search vendor "Idemia" for product "Visionpass Md" | 2.6.2 Search vendor "Idemia" for product "Visionpass Md" and version "2.6.2" | - |
Safe
|
Idemia Search vendor "Idemia" | Morphowave Compact Md Firmware Search vendor "Idemia" for product "Morphowave Compact Md Firmware" | - | - |
Affected
| in | Idemia Search vendor "Idemia" | Morphowave Compact Md Search vendor "Idemia" for product "Morphowave Compact Md" | 2.6.2 Search vendor "Idemia" for product "Morphowave Compact Md" and version "2.6.2" | - |
Safe
|