Overview
- Description
- The MiCard PLUS Ci and MiCard PLUS BLE reader products developed by rf IDEAS and rebranded by NT-ware have a firmware fault that may result in characters randomly being dropped from some ID card reads, which would result in the wrong ID card number being assigned during ID card self-registration and might result in failed login attempts for end-users. Random characters being dropped from ID card numbers compromises the uniqueness of ID cards that can, therefore, result in a security issue if the users are using the ‘ID card self-registration’ function.
- Source
- 4586e0a2-224d-4f8a-9cb4-8882b208c0b3
- NVD status
- Analyzed
Risk scores
CVSS 4.0
- Type
- Secondary
- Base score
- 5.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:P/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Primary
- Base score
- 5.3
- Impact score
- 4.7
- Exploitability score
- 0.5
- Vector string
- CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L
- Severity
- MEDIUM
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
- 4586e0a2-224d-4f8a-9cb4-8882b208c0b3
- CWE-1287
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rfideas:micard_plus_ci_firmware:0.1.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CF183E5B-D277-422A-AEC8-3FA8253BEFDA"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rfideas:micard_plus_ci:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "34DA9EB3-51BA-4F27-83CF-25B1A4061C6E"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rfideas:micard_plus_ble_firmware:0.1.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D897A1C4-F336-49A2-B805-F6CFA20234A1"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rfideas:micard_plus_ble:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0D784B14-21AE-4BF0-A1AF-3E43E85E7F79"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]