Vulnerability Description
Certain configuration available in the communication channel for encoders could expose sensitive data when reader configuration cards are programmed. This data could include credential and device administration keys.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hidglobal | Iclass Se Cp1000 Encoder Firmware | All versions |
| Hidglobal | Iclass Se Cp1000 Encoder | - |
| Hidglobal | Iclass Se Readers Firmware | All versions |
| Hidglobal | Iclass Se Readers | - |
| Hidglobal | Iclass Se Reader Modules Firmware | All versions |
| Hidglobal | Iclass Se Reader Modules | - |
| Hidglobal | Iclass Se Processors Firmware | All versions |
| Hidglobal | Iclass Se Processors | - |
| Hidglobal | Omnikey 5427Ck Firmware | All versions |
| Hidglobal | Omnikey 5427Ck | - |
| Hidglobal | Omnikey 5127Ck Firmware | All versions |
| Hidglobal | Omnikey 5127Ck | - |
| Hidglobal | Omnikey 5023 Firmware | All versions |
| Hidglobal | Omnikey 5023 | - |
| Hidglobal | Omnikey 5027 Firmware | All versions |
| Hidglobal | Omnikey 5027 | - |
Related Weaknesses (CWE)
References
- https://support.hidglobal.com/Product
- https://www.cisa.gov/news-events/ics-advisories/icsa-24-037-01Third Party AdvisoryUS Government Resource
- https://support.hidglobal.com/Product
- https://www.cisa.gov/news-events/ics-advisories/icsa-24-037-01Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2024-22388?
CVE-2024-22388 is a vulnerability with a CVSS score of 5.9 (MEDIUM). Certain configuration available in the communication channel for encoders could expose sensitive data when reader configuration cards are programmed. This data could include credential and device admi...
How severe is CVE-2024-22388?
CVE-2024-22388 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-22388?
Check the references section above for vendor advisories and patch information. Affected products include: Hidglobal Iclass Se Cp1000 Encoder Firmware, Hidglobal Iclass Se Cp1000 Encoder, Hidglobal Iclass Se Readers Firmware, Hidglobal Iclass Se Readers, Hidglobal Iclass Se Reader Modules Firmware.