Use of encryption key derived from static information in Synaptics Fingerprint Driver allows
an attacker to set up a TLS session with the fingerprint sensor and send restricted commands to the fingerprint sensor. This may
allow an attacker, who has physical access to the sensor, to enroll a fingerprint into the
template database.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Synaptics
Published: 2024-01-27T00:19:15.351Z
Updated: 2024-08-02T08:28:21.858Z
Reserved: 2023-12-04T09:46:38.305Z
Link: CVE-2023-6482
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2024-01-27T01:15:08.033
Modified: 2024-02-01T04:14:20.480
Link: CVE-2023-6482
Redhat
No data.