CVE-2024-23592

Medium

An authentication bypass vulnerability was reported in Lenovo devices with Synaptics fingerprint readers that could allow an attacker with…

lenovo·CWE-358·Published 2024-04-05

CVSS

6.3

EPSS

0.00

KEV

Exploits

cve.orgen

218 chars

An authentication bypass vulnerability was reported in Lenovo devices with Synaptics fingerprint readers that could allow an attacker with physical access to replay fingerprints and bypass Windows Hello authentication.

NVDen

218 chars

NVDes

249 chars

Se informó una vulnerabilidad de omisión de autenticación en dispositivos Lenovo con lectores de huellas digitales Synaptics que podría permitir a un atacante con acceso físico reproducir huellas digitales y omitir la autenticación de Windows Hello.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	6.3	—	—	CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
3.1	Secondary	NVD	6.3	0.4	5.9	CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H