CVE-2023-0248: Kantech Gen1 ioSmart card reader
First published: Thu Dec 14 2023(Updated: )
An attacker with physical access to the Kantech Gen1 ioSmart card reader with firmware version prior to 1.07.02 in certain circumstances can recover the reader's communication memory between the card and reader.
Credit: productsecurity@jci.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Johnsoncontrols Iosmart Gen 1 Firmware | <1.07.02 | |
| Johnsoncontrols Iosmart Gen 1 |
Remedy
Update ioSmart Gen1 card reader to firmware version 1.07.02 or higher. Download the update here: https://www.kantech.com/Resources/GetDoc.aspx?p=1&id=58679 https://www.kantech.com/Resources/GetDoc.aspx Contact technical support for additional information. ioSmart Gen2 readers are not affected by this behavior. Contact your local sales representative for ordering information.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-api
- agent/title
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/type
- agent/event
- agent/description
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/johnsoncontrols
- canonical/johnsoncontrols iosmart gen 1 firmware
- canonical/johnsoncontrols iosmart gen 1