Description
Asus SmartLogon 1.0.0005 allows physically proximate attackers to bypass "security functions" by presenting an image with a modified viewpoint that matches the posture of a stored image of the authorized notebook user.
References (6)
Core 6
Core References
Various Sources x_refsource_misc
http://www.blackhat.com/html/bh-dc-09/bh-dc-09-archives.html#Nguyen
Various Sources x_refsource_misc
http://security.bkis.vn/?p=292
Exploit x_refsource_misc
http://www.blackhat.com/presentations/bh-dc-09/Nguyen/BlackHat-DC-09-Nguyen-Face-not-your-password.pdf
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/498997
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/32700
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/48962
Scores
EPSS
0.0006
EPSS Percentile
19.5%
Details
CWE
CWE-255
Status
published
Products (1)
asus/smartlogon
1.0.0005
Published
Feb 20, 2009
Tracked Since
Feb 18, 2026