Product
IDEMIA Sigma Extreme firmware
8 known vulnerabilities across versions
Vulnerabilities are listed by affected version.
CVE-2023-33222
Affected versions: < 4.15.5
When handling contactless cards, usage of a specific function to get additional information from the card which doesn't check the

CVE-2023-33221
Affected versions: < 4.15.5
When reading DesFire keys, the function that reads the card isn't properly checking the boundaries when copying internally the da

CVE-2023-33220
Affected versions: < 4.15.5
During the retrofit validation process, the firmware doesn't properly check the boundaries while copying some attributes to check

CVE-2023-33219
Affected versions: < 4.15.5
The handler of the retrofit validation command doesn't properly check the boundaries when performing certain validation operation

CVE-2023-33218
Affected versions: < 4.15.5
The Parameter Zone Read and Parameter Zone Write command handlers allow performing a Stack buffer overflow. This could potentiall

CVE-2023-33217
Affected versions: < 4.15.5
By abusing a design flaw in the firmware upgrade mechanism of the impacted terminal it's possible to cause a permanent denial of

CVE-2023-4667
Affected versions: all versions
The web interface of the PAC Device allows the device administrator user profile to store malicious scripts in some fields. The st

CVE-2021-35522
Affected versions: all versions
A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2, Sigma devices befo