LSE discovers vulnerability in Granding Grand MA 300

During an internal evaluation of the Granding Grand MA 300 Fingerprint Access Device, the LSE Security Consultant Eric Sesterhenn discovered multiple security issues regarding the administrative PIN authentication. The flaws in the authentication protocol allow to reconstruct the PIN from sniffed data and effective brute-force attacks.

 

Affected Versions

The issues have been found in firmware version 6.60.

Read more in the corresponding Security Advisory

Feel free to share the newsShare on Facebook
Facebook
Share on Google+
Google+
Tweet about this on Twitter
Twitter
Share on LinkedIn
Linkedin