By abusing a design flaw in the firmware upgrade mechanism of the impacted terminal it's possible to cause a permanent
denial of service for the terminal. the only way to recover the terminal is by sending back the terminal to the manufacturer
References
| Link | Resource |
|---|---|
| https://www.idemia.com/wp-content/uploads/2023/11/Security-Advisory-SA-2023-05-2.pdf | Vendor Advisory |
| https://www.idemia.com/wp-content/uploads/2023/11/Security-Advisory-SA-2023-05-2.pdf | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
History
21 Nov 2024, 08:05
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://www.idemia.com/wp-content/uploads/2023/11/Security-Advisory-SA-2023-05-2.pdf - Vendor Advisory |
21 Dec 2023, 19:24
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
| First Time |
Idemia sigma Lite\+
Idemia sigma Lite\+ Firmware Idemia sigma Lite Firmware Idemia morphowave Sp Firmware Idemia morphowave Xp Firmware Idemia sigma Extreme Idemia visionpass Idemia morphowave Compact Idemia sigma Lite Idemia sigma Wide Idemia sigma Wide Firmware Idemia visionpass Firmware Idemia sigma Extreme Firmware Idemia morphowave Compact Firmware Idemia Idemia morphowave Sp Idemia morphowave Xp |
|
| CWE | NVD-CWE-noinfo | |
| References | () https://www.idemia.com/wp-content/uploads/2023/11/Security-Advisory-SA-2023-05-2.pdf - Vendor Advisory | |
| CPE | cpe:2.3:h:idemia:visionpass:-:*:*:*:*:*:*:* cpe:2.3:h:idemia:sigma_lite:-:*:*:*:*:*:*:* cpe:2.3:h:idemia:sigma_extreme:-:*:*:*:*:*:*:* cpe:2.3:o:idemia:visionpass_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:idemia:morphowave_sp:-:*:*:*:*:*:*:* cpe:2.3:o:idemia:morphowave_sp_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:idemia:sigma_wide_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:idemia:sigma_lite\+_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:idemia:sigma_lite\+:-:*:*:*:*:*:*:* cpe:2.3:h:idemia:sigma_wide:-:*:*:*:*:*:*:* cpe:2.3:o:idemia:sigma_lite_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:idemia:morphowave_xp_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:idemia:sigma_extreme_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:idemia:morphowave_compact_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:idemia:morphowave_compact:-:*:*:*:*:*:*:* cpe:2.3:h:idemia:morphowave_xp:-:*:*:*:*:*:*:* |
15 Dec 2023, 11:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE | ||
Information
Published : 2023-12-15 11:15
Updated : 2024-11-21 08:05
NVD link : CVE-2023-33217
Mitre link : CVE-2023-33217
CVE.ORG link : CVE-2023-33217
JSON object : View
Products Affected
idemia
- sigma_lite\+
- sigma_extreme
- morphowave_sp
- visionpass
- morphowave_sp_firmware
- sigma_lite
- sigma_wide_firmware
- morphowave_xp_firmware
- visionpass_firmware
- sigma_lite_firmware
- morphowave_xp
- morphowave_compact
- sigma_extreme_firmware
- sigma_wide
- sigma_lite\+_firmware
- morphowave_compact_firmware
CWE