CVE-2024-1578
CVSS V2 None
CVSS V3 None
Description
The MiCard PLUS Ci and MiCard PLUS BLE reader products developed by rf IDEAS and rebranded by NT-ware have a firmware fault that may result in characters randomly being dropped from some ID card reads, which would result in the wrong ID card number being assigned during ID card self-registration and might result in failed login attempts for end-users. Random characters being dropped from ID card numbers compromises the uniqueness of ID cards that can, therefore, result in a security issue if the users are using the ‘ID card self-registration’ function.
Overview
- CVE ID
- CVE-2024-1578
- Assigner
- Canon_EMEA
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-09-16T06:59:35.306Z
- Last Modified Date
- 2024-09-16T14:33:10.067Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://ntware.atlassian.net/wiki/spaces/SA/pages/11973853216/2024+Security+Advisory+Multiple+MiCard+PLUS+card+reader+dropped+characters | vendor-advisory mitigation |
| https://www.canon-europe.com/psirt/advisory-information | vendor-advisory mitigation |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-1578 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1578 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-10-06 01:22:03 | Added to TrackCVE |