CVE-2023-2644 — MEDIUM (5.3)

Vulnerability Description

A vulnerability, which was classified as problematic, has been found in DigitalPersona FPSensor 1.0.0.1. This issue affects some unknown processing of the file C:\Program Files (x86)\FPSensor\bin\DpHost.exe. The manipulation leads to unquoted search path. Attacking locally is a requirement. The identifier VDB-228773 was assigned to this vulnerability.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

LOW

Availability

LOW

Affected Products

Vendor	Product	Versions
Digitalpersona Fpsensor Project	Digitalpersona Fpsensor	1.0.0.1

Related Weaknesses (CWE)

CWE-428

References

https://vuldb.com/?ctiid.228773Permissions RequiredThird Party Advisory
https://vuldb.com/?id.228773Permissions RequiredThird Party Advisory
https://vuldb.com/?ctiid.228773Permissions RequiredThird Party Advisory
https://vuldb.com/?id.228773Permissions RequiredThird Party Advisory

FAQ

What is CVE-2023-2644?

CVE-2023-2644 is a vulnerability with a CVSS score of 5.3 (MEDIUM). A vulnerability, which was classified as problematic, has been found in DigitalPersona FPSensor 1.0.0.1. This issue affects some unknown processing of the file C:\Program Files (x86)\FPSensor\bin\DpHo...

How severe is CVE-2023-2644?

CVE-2023-2644 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-2644?

Check the references section above for vendor advisories and patch information. Affected products include: Digitalpersona Fpsensor Project Digitalpersona Fpsensor.