CVE-2019-13604

Name of the Vulnerable Software and Affected Versions HID Global DigitalPersona (formerly Crossmatch) U.are.U 4500 Fingerprint Reader version 24

Description The issue concerns a short key used for obfuscating fingerprint images, which is susceptible to brute-force attacks. An attacker can exploit this to recover the key and subsequently decrypt the fingerprint image, leading to a leak of sensitive biometric information.

Recommendations For version 24, update to a newer version that addresses the short key vulnerability to prevent brute-force attacks and potential biometric data leaks.