How severe is CVE-2024-1578?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2024-1578?

This is classified as CWE-1287, which is a common weakness in software security.

CVE-2024-1578 - MEDIUM Severity | CVSS 5.3

Vulnerability Description

The MiCard PLUS Ci and MiCard PLUS BLE reader products developed by rf IDEAS and rebranded by NT-ware have a firmware fault that may result in characters randomly being dropped from some ID card reads, which would result in the wrong ID card number being assigned during ID card self-registration and might result in failed login attempts for end-users. Random characters being dropped from ID card numbers compromises the uniqueness of ID cards that can, therefore, result in a security issue if the users are using the ‘ID card self-registration’ function.

Related Vulnerabilities

CVE-2023-2673

MEDIUM

CVSS:5.3(Medium)

Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple versions may allow UDP packets to bypass the filter rules and access the solely connected device behind the M...

CWE-12872023

CVE-2023-4522

MEDIUM

CVSS:5.3(Medium)

An issue has been discovered in GitLab affecting all versions before 16.2.0. Committing directories containing LF character results in 500 errors when viewing the commit.

CWE-12872023

CVE-2024-47262

MEDIUM

CVSS:5.3(Medium)

Dzmitry Lukyanenka, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API param.cgi was vulnerable to a race condition attack allowing for an attacker to block access to the web inter...

CWE-12872024

CVE-2023-2431

MEDIUM

CVSS:5.5(Medium)

A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected...

CWE-12872023

CVE-2025-20155

MEDIUM

CVSS:6.0(Medium)

A vulnerability in the bootstrap loading of Cisco IOS XE Software could allow an authenticated, local attacker to write arbitrary files to an affected system. This vulnerability is due to insufficient...

CWE-12872025

CVE-2023-28799

MEDIUM

CVSS:6.1(Medium)

A URL parameter during login flow was vulnerable to injection. An attacker could insert a malicious domain in this parameter, which would redirect the user after auth and send the authorization token ...

CWE-12872023