Description
Lenovo Veriface III allows physically proximate attackers to login to a Windows account by presenting a "plain image" of the authorized user.
References (6)
Core 6
Core References
Various Sources x_refsource_misc
http://www.blackhat.com/html/bh-dc-09/bh-dc-09-archives.html#Nguyen
Exploit x_refsource_misc
http://www.blackhat.com/presentations/bh-dc-09/Nguyen/BlackHat-DC-09-Nguyen-Face-not-your-password.pdf
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/498997
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/32700
Exploit x_refsource_misc
http://security.bkis.vn/?p=292
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/48961
Scores
EPSS
0.0007
EPSS Percentile
21.5%
Details
CWE
CWE-287
Status
published
Products (1)
lenovo/veriface
iii
Published
Feb 20, 2009
Tracked Since
Feb 18, 2026