Seong-Joong Kim - Security Researcher - Exploit Intelligence Platform

CVE-2019-12813 WRITEUP MEDIUM WORKING POC

Crossmatch Digital Persona U.are.u 45... - Cleartext Transmission

An issue was discovered in Digital Persona U.are.U 4500 Fingerprint Reader v24. The key and salt used for obfuscating the fingerprint image exhibit cleartext when the fingerprint scanner device transfers a fingerprint image to the driver. An attacker who sniffs an encrypted fingerprint image can easily decrypt that image using the key and salt.

CVSS 5.9

View Code

CVE-2019-13603 WRITEUP MEDIUM WORKING POC

HID Global DigitalPersona <5.0.0.5 - Info Disclosure

An issue was discovered in the HID Global DigitalPersona (formerly Crossmatch) U.are.U 4500 Fingerprint Reader Windows Biometric Framework driver 5.0.0.5. It has a statically coded initialization vector to encrypt a user's fingerprint image, resulting in weak encryption of that. This, in combination with retrieving an encrypted fingerprint image and encryption key (through another vulnerability), allows an attacker to obtain a user's fingerprint image.

CVSS 5.9

View Code

CVE-2019-13604 WRITEUP MEDIUM WORKING POC

Assaabloy Hid Digitalpersona 4500 Firmware - Broken Cryptographic Algorithm

There is a short key vulnerability in HID Global DigitalPersona (formerly Crossmatch) U.are.U 4500 Fingerprint Reader v24. The key for obfuscating the fingerprint image is vulnerable to brute-force attacks. This allows an attacker to recover the key and decrypt that image using the key. Successful exploitation causes a sensitive biometric information leak.

CVSS 5.9

View Code