This page lists publicly disclosed CVE vulnerabilities affecting idemia morphowave_compact_mdpi_firmware (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2021-35522 | A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2, Sigma devices before 4.9.4, and MA VP MD devices before 4.9.7 allows remote attackers to achieve code execution, denial of services, and information disclosure via TCP/IP packets. | [email protected] | 9.8 | 3.66% | 2021-07-22 | 2026-06-16 |
| CVE-2021-35521 | A path traversal in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows remote authenticated attackers to achieve denial of services and information disclosure via TCP/IP packets. | [email protected] | 5.9 | 1.37% | 2021-07-22 | 2026-06-16 |
| CVE-2021-35520 | A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows physically proximate authenticated attackers to achieve code execution, denial of services, and information disclosure via serial ports. | [email protected] | 6.2 | 0.34% | 2021-07-22 | 2026-06-16 |