© 2023 CyberNews - Latest tech news,
product reviews, and analyses.

If you purchase via links on our site, we may receive affiliate commissions.

Researchers discovered a vulnerability that can unlock doors and turnstiles

Positive Technologies researchers have uncovered a critical vulnerability in IDEMIA biometric identification devices. By exploiting the flaw, attackers can unlock doors and turnstiles.

IDEMIA biometric identification devices are used in the world's largest financial institutions, universities, healthcare organizations, and critical infrastructure facilities. Natalya Tlyapova, Sergey Fedonin, Vladimir Kononovich, and Vyacheslav Moskvin have discovered a critical vulnerability (VU-2021-004) in the devices. By exploiting it, threat actors can unlock doors and turnstiles.

"The vulnerability has been identified in several lines of biometric readers for the IDEMIA ACS equipped with fingerprint scanners and combined devices that analyze fingerprints and vein patterns," explains Vladimir Nazarov, Head of ICS Security at Positive Technologies.

"An attacker can potentially exploit the flaw to enter a protected area or disable access control systems," he added.

The list of devices affected by this vulnerability:

· MorphoWave Compact MD

· MorphoWave Compact MDPI

· MorphoWave Compact MDPI-M

· VisionPass MD

· VisionPass MDPI

· VisionPass MDPI-M

· SIGMA Lite (all versions)

· SIGMA Lite+ (all versions)

· SIGMA Wide (all versions)

· SIGMA Extreme


To eliminate the vulnerability, enable and correctly configure the TLS protocol according to Section 7 of the IDEMIA Secure Installation Guidelines. In future firmware versions, IDEMIA will make TLS activation mandatory by default.

More from CyberNews:

Stolen TikTok videos on YouTube Shorts lead to adult dating sites

The BlueNoroff hacking group is after crypto startups

North Korean hackers stole $400 million in cryptocurrency in 2021

Malicious hackers exploit Adobe to harvest credentials

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are marked