The issue affects IDEMIA biometric readers used for access control: privileged commands can be executed through the device's management protocol without authentication.
January 14, 2022 – Positive Technologies researchers Natalya Tlyapova, Sergey Fedonin, Vladimir Kononovich, and Vyacheslav Moskvin discovered a critical vulnerability (VU-2021-004) in IDEMIA biometric identification devices deployed at major financial institutions, universities, healthcare organizations, and critical infrastructure. By exploiting the flaw, rated 9.1 on the CVSS v3 scale, an attacker can unlock doors and turnstiles. The researchers say that enforcing TLS on the management protocol will help eliminate the risk of bypassing biometric identification.
“The vulnerability has been identified in several lines of biometric readers for the ACS IDEMIA equipped with fingerprint scanners and combination devices that analyze fingerprints and vein patterns,” says Vladimir Nazarov, ICS Security Manager, Positive Technologies. “An attacker can potentially exploit the flaw to enter a protected area or disable access control systems.”
A remote attacker who can reach the management interface can issue the following commands without authentication:
- trigger_relay, which unlocks a door or turnstile if it is wired directly to the terminal
- terminal_reboot, which causes a denial of service
To eliminate the vulnerability, enable and properly configure TLS for the management protocol according to Section 7 of IDEMIA's Secure Installation Guidelines. Because this is a configuration change rather than a firmware update, operators need to apply it on every deployed reader themselves. In future firmware releases, IDEMIA will make TLS activation mandatory by default.
Below is a list of devices affected by this vulnerability:
- MorphoWave® Compact MD
- MorphoWave Compact MDPI
- MorphoWave Compact MDPI-M
- VisionPass MDPI-M
- SIGMA Lite (all versions)
- SIGMA Lite+ (all versions)
- SIGMA Wide (all versions)
- SIGMA Extreme
- MY VP MD
In July 2021, IDEMIA fixed three vulnerabilities discovered by Positive Technologies experts.
About Positive Technologies
Positive Technologies is a leading global provider of enterprise security solutions for vulnerability and compliance management, incident and threat analysis, and application protection. Commitment to customers and research has earned Positive Technologies a reputation as one of the leading authorities in security for industrial control systems, banking, telecommunications, web applications and ERP, backed by recognition from the analyst community.