Certain configuration available in the communication channel for encoders could expose sensitive data when reader configuration cards are programmed. This data could include credential and device administration keys.
References
| Link | Resource |
|---|---|
| https://support.hidglobal.com/ | Product |
| https://www.cisa.gov/news-events/ics-advisories/icsa-24-037-01 | Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
History
14 Feb 2024, 20:59
| Type | Values Removed | Values Added |
|---|---|---|
| Summary |
|
|
| CWE | NVD-CWE-Other | |
| CPE | cpe:2.3:o:hidglobal:iclass_se_processors_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:hidglobal:omnikey_5023_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:hidglobal:iclass_se_cp1000_encoder:-:*:*:*:*:*:*:* cpe:2.3:h:hidglobal:omnikey_5027:-:*:*:*:*:*:*:* cpe:2.3:o:hidglobal:omnikey_5127ck_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:hidglobal:iclass_se_reader_modules_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:hidglobal:omnikey_5027_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:hidglobal:omnikey_5427ck:-:*:*:*:*:*:*:* cpe:2.3:h:hidglobal:omnikey_5023:-:*:*:*:*:*:*:* cpe:2.3:o:hidglobal:omnikey_5427ck_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:hidglobal:iclass_se_readers_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:hidglobal:iclass_se_processors:-:*:*:*:*:*:*:* cpe:2.3:h:hidglobal:iclass_se_readers:-:*:*:*:*:*:*:* cpe:2.3:h:hidglobal:omnikey_5127ck:-:*:*:*:*:*:*:* cpe:2.3:o:hidglobal:iclass_se_cp1000_encoder_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:hidglobal:iclass_se_reader_modules:-:*:*:*:*:*:*:* |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
| First Time |
Hidglobal omnikey 5127ck Firmware
Hidglobal iclass Se Processors Firmware Hidglobal iclass Se Readers Hidglobal iclass Se Readers Firmware Hidglobal omnikey 5023 Hidglobal omnikey 5023 Firmware Hidglobal Hidglobal omnikey 5127ck Hidglobal iclass Se Processors Hidglobal iclass Se Reader Modules Hidglobal omnikey 5427ck Hidglobal iclass Se Cp1000 Encoder Hidglobal omnikey 5427ck Firmware Hidglobal iclass Se Cp1000 Encoder Firmware Hidglobal omnikey 5027 Firmware Hidglobal omnikey 5027 Hidglobal iclass Se Reader Modules Firmware |
|
| References | () https://support.hidglobal.com/ - Product | |
| References | () https://www.cisa.gov/news-events/ics-advisories/icsa-24-037-01 - Third Party Advisory, US Government Resource |
06 Feb 2024, 23:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-02-06 23:15
Updated : 2024-02-14 20:59
NVD link : CVE-2024-22388
Mitre link : CVE-2024-22388
CVE.ORG link : CVE-2024-22388
JSON object : View
Products Affected
hidglobal
- omnikey_5027_firmware
- iclass_se_reader_modules_firmware
- iclass_se_reader_modules
- omnikey_5023
- iclass_se_readers_firmware
- iclass_se_processors
- iclass_se_processors_firmware
- iclass_se_cp1000_encoder
- iclass_se_cp1000_encoder_firmware
- iclass_se_readers
- omnikey_5127ck
- omnikey_5427ck_firmware
- omnikey_5127ck_firmware
- omnikey_5023_firmware
- omnikey_5027
- omnikey_5427ck
CWE