By abusing a design flaw in the firmware upgrade mechanism of the impacted terminal it's possible to cause a permanent
denial of service for the terminal. the only way to recover the terminal is by sending back the terminal to the manufacturer
References
| Link | Resource |
|---|---|
| https://www.idemia.com/wp-content/uploads/2023/11/Security-Advisory-SA-2023-05-2.pdf | Vendor Advisory |
| https://www.idemia.com/wp-content/uploads/2023/11/Security-Advisory-SA-2023-05-2.pdf | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
History
21 Nov 2024, 08:05
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://www.idemia.com/wp-content/uploads/2023/11/Security-Advisory-SA-2023-05-2.pdf - Vendor Advisory |
21 Dec 2023, 19:24
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
| CWE | NVD-CWE-noinfo | |
| References | () https://www.idemia.com/wp-content/uploads/2023/11/Security-Advisory-SA-2023-05-2.pdf - Vendor Advisory | |
| First Time |
Idemia sigma Extreme
Idemia visionpass Firmware Idemia morphowave Compact Firmware Idemia sigma Lite\+ Firmware Idemia sigma Lite\+ Idemia morphowave Xp Idemia sigma Extreme Firmware Idemia sigma Lite Firmware Idemia sigma Wide Idemia morphowave Sp Firmware Idemia morphowave Xp Firmware Idemia morphowave Sp Idemia sigma Wide Firmware Idemia sigma Lite Idemia morphowave Compact Idemia Idemia visionpass |
|
| CPE | cpe:2.3:h:idemia:sigma_lite:-:*:*:*:*:*:*:* cpe:2.3:o:idemia:morphowave_sp_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:idemia:morphowave_xp_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:idemia:morphowave_compact_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:idemia:morphowave_xp:-:*:*:*:*:*:*:* cpe:2.3:o:idemia:sigma_wide_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:idemia:sigma_lite\+_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:idemia:sigma_wide:-:*:*:*:*:*:*:* cpe:2.3:o:idemia:sigma_extreme_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:idemia:morphowave_sp:-:*:*:*:*:*:*:* cpe:2.3:h:idemia:morphowave_compact:-:*:*:*:*:*:*:* cpe:2.3:h:idemia:visionpass:-:*:*:*:*:*:*:* cpe:2.3:o:idemia:visionpass_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:idemia:sigma_lite\+:-:*:*:*:*:*:*:* cpe:2.3:o:idemia:sigma_lite_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:idemia:sigma_extreme:-:*:*:*:*:*:*:* |
15 Dec 2023, 13:41
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-12-15 11:15
Updated : 2024-11-21 08:05
NVD link : CVE-2023-33217
Mitre link : CVE-2023-33217
CVE.ORG link : CVE-2023-33217
JSON object : View
Products Affected
idemia
- morphowave_sp_firmware
- visionpass_firmware
- sigma_wide_firmware
- morphowave_sp
- sigma_lite\+
- sigma_lite\+_firmware
- sigma_extreme_firmware
- morphowave_compact_firmware
- sigma_lite
- morphowave_compact
- sigma_extreme
- morphowave_xp
- visionpass
- sigma_wide
- morphowave_xp_firmware
- sigma_lite_firmware
CWE