Local Privilege Escalation Vulnerability in IDEMIA MorphoSmart 1300 Series Devices

Local Privilege Escalation Vulnerability in IDEMIA MorphoSmart 1300 Series Devices

CVE-2017-15567 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The certificate import component in IDEMIA (formerly Morpho) MorphoSmart 1300 Series (aka MSO 1300 Series) devices allows local users to obtain a command shell, and consequently gain privileges, via unspecified vectors. NOTE: the vendor disputes this because there is no command shell in the product or in the associated SDK

Learn more about our User Device Pen Test.