CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-12813

An issue was discovered in Digital Persona U.are.U 4500 Fingerprint Reader v24. The key and salt used for obfuscating the fingerprint image exhibit cleartext when the fingerprint scanner device transfers a fingerprint image to the driver. An attacker who sniffs an encrypted fingerprint image can easily decrypt that image using the key and salt.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 39.6%

CVSS Severity

CVSS v3 Score 5.9

CVSS v2 Score 4.3

References

https://github.com/sungjungk/fp-scanner-hacking
https://www.youtube.com/watch?v=Grirez2xeas
https://www.youtube.com/watch?v=wEXJDyEOatM
https://github.com/sungjungk/fp-scanner-hacking
https://www.youtube.com/watch?v=Grirez2xeas
https://www.youtube.com/watch?v=wEXJDyEOatM

Products affected by CVE-2019-12813

Crossmatch » Digital Persona U.are.u 4500 » Version: N/A

cpe:2.3:h:crossmatch:digital_persona_u.are.u_4500:-
Crossmatch » Digital Persona U.are.u 4500 Firmware » Version: 24

cpe:2.3:o:crossmatch:digital_persona_u.are.u_4500_firmware:24

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-12813

Products

Pricing

Contact Us