Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Encryption key derived from static host information
Vulnerability Description
Use of encryption key derived from static information in Synaptics Fingerprint Driver allows an attacker to set up a TLS session with the fingerprint sensor and send restricted commands to the fingerprint sensor. This may allow an attacker, who has physical access to the sensor, to enroll a fingerprint into the template database.
CVSS Information
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Vulnerability Type
使用硬编码的密码学密钥
Vulnerability Title
Synaptics Fingerprint Driver 安全漏洞
Vulnerability Description
Synaptics Fingerprint Driver是美国Synaptics公司的一种区域触摸和滑动指纹驱动程序。 Synaptics Fingerprint Driver存在安全漏洞。攻击者利用该漏洞将指纹注册到模板数据库中。
CVSS Information
N/A
Vulnerability Type
N/A