Headline
CVE-2023-4667: Vulnerability information – IDEMIA
The web interface of the PAC Device allows the device administrator user profile to store malicious scripts in some fields. The stored malicious script is then executed when the GUI is opened by any users of the webserver administration interface.
The root cause of the vulnerability is inadequate input validation and output encoding in the web administration interface component of the firmware.
This could lead to unauthorized access and data leakage
Receive our key news and keep up with the trends in our markets by subscribing to our newsletter.
By clicking on the “Subscribe” button, you confirm that you agree to IDEMIA’s Terms of Use and Privacy Policy, and agree to the processing of your personal data and acknowledge your related rights, as described therein.
Your email address will be used exclusively by IDEMIA to send you newsletters related yo your selected topics of interest. In accordance with the law, you have rights of access, rectification and erasure of your personal data, as well as opposition of processing, which can be exercised by writing to [email protected].