IDEMIA, global leader in Augmented Identity, has fixed three vulnerabilities discovered by Positive Technologies experts Natalia Tlyapova, Sergey Fedonin, Vladimir Kononovich, and Vyacheslav Moskvin. One of the detected vulnerabilities was critical. The flaws were detected in the firmware of IDEMIA MoprhoWave, VisionPass, SIGMA, and MorphoAccess devices, which are designed to organize access control with the help of biometric identification.
By exploiting these vulnerabilities, attackers can perform remote command execution, cause a denial of service, and read and write arbitrary files on the device.
The first vulnerability (CVE-2021-35522), which has a CVSS v3 score of 9.8, signifying critical severity, would allow attackers to remotely execute arbitrary code. It is a Buffer Overflow vulnerability, which occurs through the lack of a length check in the input received from the Thrift protocol network packet.
Vladimir Nazarov, Head of ICS Security, Positive Technologies, says: “Exploitation of this vulnerability allows attackers to bypass the biometric identification provided by the IDEMIA devices listed above. As a result, criminals can, for example, remotely open doors controlled by the device and enter secured areas.”
The second flaw (CVE-2021-35520, score 6.2) is a Heap Overflow vulnerability in the serial port handler. If attackers have physical access to the serial port, they can cause a denial of service.
The third issue (CVE-2021-35521, score 5.9) is a Path Traversal vulnerability. When this is exploited, it allows the reading and writing of arbitrary files, which may in turn lead to unauthorized execution of privileged commands on the device.
To prevent the exploitation of these vulnerabilities, users are advised to install the latest version of the firmware, which is available on the IDEMIA website.