CVE-2014-2938

Hanon Faceid F810 Firmware < 1.007.109 - Authentication Bypass

Title source: rule

Description

Hanvon FaceID before 1.007.110 does not require authentication, which allows remote attackers to modify access-control and attendance-tracking data via API commands.

References (1)

[Third Party Advisory, US Government Resource] http://www.kb.cert.org/vuls/id/767044

Scores

EPSS 0.0063

EPSS Percentile 70.0%

Classification

CWE

CWE-287

Status draft

Affected Products (8)

hanon/faceid_f810_firmware < 1.007.109

hanon/faceid

hanon/faceid_f710_firmware

hanon/faceid

hanon/faceid_fk800_firmware < 1.007.109

hanon/faceid

hanon/faceid_fa007_firmware < 1.007.109

hanon/faceid

Timeline

Published May 22, 2014

Tracked Since Feb 18, 2026