Improper Authorization in HID Global Encoders

1) Improper Authorization

EUVDB-ID: #VU86199

Risk: Low

CVSSv4.0: 2.1 [CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-22388

CWE-ID: CWE-285 - Improper Authorization

Exploit availability: No

Description

The vulnerability allows a local attacker to bypass authorization checks.

The vulnerability exists due to improper authorization. A local attacker can extract sensitive data when reader configuration cards are programmed.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

iCLASS SE CP1000 Encoder: All versions

iCLASS SE Readers: All versions

iCLASS SE Reader Modules: All versions

iCLASS SE Processors: All versions

OMNIKEY 5427CK Readers: All versions

OMNIKEY 5127CK Readers: All versions

OMNIKEY 5023 Readers: All versions

OMNIKEY 5027 Readers: All versions

CPE2.3

• cpe:2.3:h:hid_global:iclass_se_cp1000_encoder:*:*:*:*:*:*:*:*
• cpe:2.3:h:hid_global:iclass_se_readers:*:*:*:*:*:*:*:*
• cpe:2.3:h:hid_global:iclass_se_reader_modules:*:*:*:*:*:*:*:*
• cpe:2.3:h:hid_global:iclass_se_processors:*:*:*:*:*:*:*:*
• cpe:2.3:h:hid_global:omnikey_5427ck_readers:*:*:*:*:*:*:*:*
• cpe:2.3:h:hid_global:omnikey_5127ck_readers:*:*:*:*:*:*:*:*
• cpe:2.3:h:hid_global:omnikey_5023_readers:*:*:*:*:*:*:*:*
• cpe:2.3:h:hid_global:omnikey_5027_readers:*:*:*:*:*:*:*:*

External links

https://www.cisa.gov/news-events/ics-advisories/icsa-24-037-01
https://support.hidglobal.com/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.