Lucene search

MitreCVE-2009-0656

HistoryFeb 20, 2009 - 7:30 p.m.

CVE-2009-0656

2009-02-2019:30:00

CWE-255

mitre

web.nvd.nist.gov

asus

smartlogon

cve-2009-0656

security bypass

proximate attack

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.5

Confidence

Low

EPSS

0.001

Percentile

41.6%

JSON

Asus SmartLogon 1.0.0005 allows physically proximate attackers to bypass “security functions” by presenting an image with a modified viewpoint that matches the posture of a stored image of the authorized notebook user.

Affected configurations

Nvd

Node

asussmartlogonMatch1.0.0005

VendorProductVersionCPE
asussmartlogon1.0.0005cpe:2.3:a:asus:smartlogon:1.0.0005:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
asus	smartlogon	1.0.0005	cpe:2.3:a:asus:smartlogon:1.0.0005:::::::*

References

security.bkis.vn/?p=292

www.blackhat.com/html/bh-dc-09/bh-dc-09-archives.html#Nguyen

www.blackhat.com/presentations/bh-dc-09/Nguyen/BlackHat-DC-09-Nguyen-Face-not-your-password.pdf

www.securityfocus.com/archive/1/498997

www.securityfocus.com/bid/32700

exchange.xforce.ibmcloud.com/vulnerabilities/48962

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.5

Confidence

Low

EPSS

0.001

Percentile

41.6%

JSON

Related for CVE-2009-0656