CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:L
AI Score
Confidence
High
EPSS
Percentile
20.6%
An attacker with physical access to the Kantech Gen1 ioSmart card reader with firmware version prior to 1.07.02 in certain circumstances can recover the reader’s communication memory between the card and reader.
Vendor | Product | Version | CPE |
---|---|---|---|
johnsoncontrols | iosmart_gen_1_firmware | * | cpe:2.3:o:johnsoncontrols:iosmart_gen_1_firmware:*:*:*:*:*:*:*:* |
johnsoncontrols | iosmart_gen_1 | - | cpe:2.3:h:johnsoncontrols:iosmart_gen_1:-:*:*:*:*:*:*:* |
[
{
"defaultStatus": "unaffected",
"product": "ioSmart Gen1",
"vendor": "Sensormatic Electronics, a subsidiary of Johnson Controls, Inc.",
"versions": [
{
"lessThan": "1.07.02",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]