πŸ” CVE Alert

CVE-2023-44039

CRITICAL 9.1
CVSS Score
9.1
EPSS Score
0.0%
EPSS Percentile
0th

In VeridiumID before 3.5.0, the WebAuthn API allows an internal unauthenticated attacker (who can pass enrollment verifications and is allowed to enroll a FIDO key) to register their FIDO authenticator to a victim’s account and consequently take over the account.

Vendor n/a
Product n/a
Published Apr 3, 2024
Last Updated Aug 21, 2024
Stay Ahead of the Next One

Get instant alerts for n/a n/a

Be the first to know when new critical vulnerabilities affecting n/a n/a are published β€” delivered to Slack, Telegram or Discord.

Get Free Alerts β†’ Free Β· No credit card Β· 60 sec setup

Affected Versions

n/a / n/a
n/a

References

NVD β†— CVE.org β†— EPSS Data β†—
veridiumid.com: https://veridiumid.com/veridium-id-authentication-platform/ docs.veridiumid.com: https://docs.veridiumid.com/docs/v3.5/security-advisory#id-%28v3.52%29SecurityAdvisory-Acknowledgement