CVE-2023-33217

Published: Dic 15, 2023 Last Modified: Nov 21, 2024 EU-VD ID: EUVD-2023-37387 Aliases: GSD-2023-33217
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 7,5
Source: a87f365f-9d39-4848-9b3a-58c7cae69cab
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: high

Description

AI Translation Available


By abusing a design flaw in the firmware upgrade mechanism of the impacted terminal it's possible to cause a permanent
denial of service for the terminal. the only way to recover the terminal is by sending back the terminal to the manufacturer

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0012
Percentile
0,3th
Updated

EPSS Score Trend (Last 90 Days)

20

Improper Input Validation

Stable
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Availability Confidentiality Integrity
Potential Impacts:
Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory) Read Memory Read Files Or Directories Modify Memory Execute Unauthorized Code Or Commands
Applicable Platforms
All platforms may be affected
Likelihood of Exploit: High
View CWE Details
Operating System

Visionpass Firmware by Idemia

Product Information
Vendor Idemia
Product Visionpass Firmware
Version Range Affected
To 2.12.2 (exclusive)
cpe:2.3:o:idemia:visionpass_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Sigma Extreme Firmware by Idemia

Product Information
Vendor Idemia
Product Sigma Extreme Firmware
Version Range Affected
To 4.15.5 (exclusive)
cpe:2.3:o:idemia:sigma_extreme_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Morphowave Compact Firmware by Idemia

Product Information
Vendor Idemia
Product Morphowave Compact Firmware
Version Range Affected
To 2.12.2 (exclusive)
cpe:2.3:o:idemia:morphowave_compact_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Sigma Wide Firmware by Idemia

Product Information
Vendor Idemia
Product Sigma Wide Firmware
Version Range Affected
To 4.15.5 (exclusive)
cpe:2.3:o:idemia:sigma_wide_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Sigma Lite Firmware by Idemia

Product Information
Vendor Idemia
Product Sigma Lite Firmware
Version Range Affected
To 4.15.5 (exclusive)
cpe:2.3:o:idemia:sigma_lite_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Sigma Lite\+ Firmware by Idemia

Product Information
Vendor Idemia
Product Sigma Lite\+ Firmware
Version Range Affected
To 4.15.5 (exclusive)
cpe:2.3:o:idemia:sigma_lite\+_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Morphowave Xp Firmware by Idemia

Product Information
Vendor Idemia
Product Morphowave Xp Firmware
Version Range Affected
To 2.12.2 (exclusive)
cpe:2.3:o:idemia:morphowave_xp_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Morphowave Sp Firmware by Idemia

Product Information
Vendor Idemia
Product Morphowave Sp Firmware
Version Range Affected
To 1.2.7 (exclusive)
cpe:2.3:o:idemia:morphowave_sp_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://www.idemia.com/wp-content/uploads/2023/11/Security-…
Vendor Advisory
https://www.idemia.com/wp-content/uploads/2023/11/Security-Advisory-SA-2023-05-…
https://www.idemia.com/wp-content/uploads/2023/11/Security-…
Vendor Advisory
https://www.idemia.com/wp-content/uploads/2023/11/Security-Advisory-SA-2023-05-…