CVE-2023-33217

Summary

By abusing a design flaw in the firmware upgrade mechanism of the impacted terminal it's possible to cause a permanent denial of service for the terminal. the only way to recover the terminal is by sending back the terminal to the manufacturer

Affected Software

VendorProductVersion RangeStatus
IDEMIASIGMA Lite & Lite +0 < 4.15.5affected
IDEMIASIGMA Wide0 < 4.15.5affected
IDEMIASIGMA Extreme0 < 4.15.5affected
IDEMIAMorphoWave Compact/XP0 < 2.12.2affected
IDEMIAVisionPass0 < 2.12.2affected
IDEMIAMorphoWave SP0 < 1.2.7affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

References