A critical vulnerability impacting multiple IDEMIA biometric identification devices can be exploited to unlock doors and turnstiles.
Because of this security defect, if the TLS protocol is not activated, an attacker in the network can send specific commands without authentication to open doors or turnstiles directly operated by a vulnerable device.
The attacker could also exploit the bug to cause a denial of service (DoS) condition by sending a reboot command to the vulnerable device, according to an advisory published by IDEMIA, a France-based tech company that specializes in identity-related physical security services.
Identified by researchers at Russian cybersecurity firm Positive Technologies – which was sanctioned by the United States last year for alleged ties with Russian intelligence – the flaw has a CVSS score of 9.1, yet no CVE identification number has been issued for it until now.
Affected products include MorphoWave Compact MD/MDPI/MDPI-M, VisionPass MD/MDPI/MDPI-M, all variants of SIGMA Lite/Lite+/Wide, SIGMA Extreme, and MA VP MD.
The issue impacts all organizations relying on vulnerable IDEMIA biometric identification devices, including critical infrastructure facilities, financial institutions, healthcare organizations, and universities.
“Activation, proper configuration of TLS protocol and installation of the TLS certificate on the device fixes the aforementioned vulnerability,” IDEMIA says.
The company plans to enforce the use of TLS by default in future firmware releases for the impacted devices, to completely eliminate the risk of biometric identification bypass.
“The vulnerability has been identified in several lines of biometric readers for the IDEMIA ACS equipped with fingerprint scanners and combined devices that analyze fingerprints and vein patterns. An attacker can potentially exploit the flaw to enter a protected area or disable access control systems,” Vladimir Nazarov, head of ICS Security at Positive Technologies, says.
Related: Diebold Nixdorf ATM Flaws Allowed Attackers to Modify Firmware, Steal Cash
Related: Intel CPU Vulnerability Can Expose Cryptographic Keys
Related: WAGO Controller Flaws Can Allow Hackers to Disrupt Industrial Processes