By abusing a design flaw in the firmware upgrade mechanism of the impacted terminal it's possible to cause a permanent
denial of service for the terminal. the only way to recover the terminal is by sending back the terminal to the manufacturer
References
| Link | Resource |
|---|---|
| https://www.idemia.com/wp-content/uploads/2023/11/Security-Advisory-SA-2023-05-2.pdf | Vendor Advisory |
| https://www.idemia.com/wp-content/uploads/2023/11/Security-Advisory-SA-2023-05-2.pdf | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
History
21 Nov 2024, 08:05
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://www.idemia.com/wp-content/uploads/2023/11/Security-Advisory-SA-2023-05-2.pdf - Vendor Advisory |
21 Dec 2023, 19:24
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | NVD-CWE-noinfo | |
| Summary |
|
|
| CPE | cpe:2.3:h:idemia:visionpass:-:*:*:*:*:*:*:* cpe:2.3:o:idemia:sigma_extreme_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:idemia:morphowave_compact_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:idemia:sigma_extreme:-:*:*:*:*:*:*:* cpe:2.3:o:idemia:visionpass_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:idemia:morphowave_sp_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:idemia:morphowave_xp:-:*:*:*:*:*:*:* cpe:2.3:h:idemia:sigma_lite\+:-:*:*:*:*:*:*:* cpe:2.3:o:idemia:morphowave_xp_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:idemia:sigma_lite:-:*:*:*:*:*:*:* cpe:2.3:o:idemia:sigma_lite\+_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:idemia:morphowave_sp:-:*:*:*:*:*:*:* cpe:2.3:o:idemia:sigma_lite_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:idemia:sigma_wide_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:idemia:morphowave_compact:-:*:*:*:*:*:*:* cpe:2.3:h:idemia:sigma_wide:-:*:*:*:*:*:*:* |
|
| References | () https://www.idemia.com/wp-content/uploads/2023/11/Security-Advisory-SA-2023-05-2.pdf - Vendor Advisory | |
| First Time |
Idemia sigma Lite
Idemia sigma Extreme Firmware Idemia sigma Extreme Idemia visionpass Firmware Idemia sigma Lite Firmware Idemia morphowave Compact Idemia morphowave Compact Firmware Idemia visionpass Idemia Idemia sigma Wide Firmware Idemia sigma Lite\+ Idemia morphowave Xp Idemia morphowave Sp Firmware Idemia sigma Wide Idemia morphowave Sp Idemia sigma Lite\+ Firmware Idemia morphowave Xp Firmware |
15 Dec 2023, 13:41
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-12-15 11:15
Updated : 2024-11-21 08:05
NVD link : CVE-2023-33217
Mitre link : CVE-2023-33217
CVE.ORG link : CVE-2023-33217
JSON object : View
Products Affected
idemia
- sigma_lite\+_firmware
- morphowave_xp
- sigma_extreme_firmware
- visionpass
- sigma_lite_firmware
- visionpass_firmware
- sigma_lite\+
- sigma_lite
- sigma_extreme
- morphowave_compact_firmware
- morphowave_xp_firmware
- sigma_wide_firmware
- sigma_wide
- morphowave_sp_firmware
- morphowave_compact
- morphowave_sp
CWE