CVE-2023-6482

MEDIUM Year: 2023
CVSS v3 Score
5.2
Medium
Weakness Type
CWE-321
View all →

Vulnerability Description

Use of encryption key derived from static information in Synaptics Fingerprint Driver allows an attacker to set up a TLS session with the fingerprint sensor and send restricted commands to the fingerprint sensor. This may allow an attacker, who has physical access to the sensor, to enroll a fingerprint into the template database.

Related Vulnerabilities

CVE-2020-25193

MEDIUM
CVSS:5.3(Medium)

By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06, attackers would be able to intercept and decrypt encryp...

CWE-3212020

CVE-2024-46889

MEDIUM
CVSS:5.3(Medium)

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application uses hard-coded cryptographic key material to obfuscate configuration files. This could al...

CWE-3212024

CVE-2017-9649

MEDIUM
CVSS:5.0(Medium)

A Use of Hard-Coded Cryptographic Key issue was discovered in Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX and variants (including RSD31-AM Package), DRM-1/...

CWE-3212017

CVE-2024-45837

MEDIUM
CVSS:5.4(Medium)

Use of hard-coded cryptographic key issue exists in AIPHONE IX SYSTEM, IXG SYSTEM, and System Support Software. A network-adjacent unauthenticated attacker may log in to SFTP service and obtain and/or...

CWE-3212024

CVE-2020-25231

MEDIUM
CVSS:5.5(Medium)

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3), LOGO! Soft Comfort (All versions < V8.3). The encryption of program data for the affected devices uses ...

CWE-3212020

CVE-2020-25233

MEDIUM
CVSS:5.5(Medium)

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The firmware update of affected devices contains the private RSA key that is used as a basis for encryp...

CWE-3212020