CVE-2019-18618

Incorrect access control in the firmware of Synaptics VFS75xx family fingerprint sensors that include external flash (all versions prior to 2019-11-15) allows a local administrator or physical attacker to compromise the confidentiality of sensor data via injection of an unverified partition table.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 50%
VendorProductVersion
synapticsvfs75xx_firmware
5.1.5.51
synapticsvfs75xx_firmware
5.1.337.26
synapticsvfs75xx_firmware
5.1.3507.26
synapticsvfs75xx_firmware
5.2.320.26
synapticsvfs75xx_firmware
5.2.524.26
synapticsvfs75xx_firmware
5.2.3109.26
synapticsvfs75xx_firmware
5.2.3530.26
synapticsvfs75xx_firmware
5.2.5024.26
synapticsvfs75xx_firmware
5.3.3541.26
synapticsvfs75xx_firmware
5.5.4.1116
synapticsvfs75xx_firmware
5.5.8.1092
synapticsvfs75xx_firmware
5.5.10.1100
synapticsvfs75xx_firmware
5.5.10.1106
synapticsvfs75xx_firmware
5.5.17.1099
synapticsvfs75xx_firmware
5.5.17.1102
synapticsvfs75xx_firmware
5.5.35.1058
synapticsvfs75xx_firmware
5.5.502.79
synapticsvfs75xx_firmware
5.5.512.1051
synapticsvfs75xx_firmware
5.5.2734.1050
synapticsvfs75xx_firmware
5.5.2810.1050
lenovothinkpad_25_firmware
𝑥
< 5.2.3540.26
lenovothankpad_a475_firmware
𝑥
< 5.02.3539.0026
lenovothankpad_a485_firmware
𝑥
< 5.03.3542.0026
lenovothinkpad_e480_firmware
𝑥
< 5.2.321.26
lenovothinkpad_e580_firmware
𝑥
< 5.2.321.26
lenovothinkpad_e485_firmware
𝑥
< 5.2.321.26
lenovothinkpad_e585_firmware
𝑥
< 5.2.321.26
lenovothinkpad_e490s_firmware
𝑥
< 5.2.321.26
lenovothinkpad_s3_firmware
𝑥
< 5.2.321.26
lenovothinkpad_e490_firmware
𝑥
< 5.2.321.26
lenovothinkpad_e590_firmware
𝑥
< 5.2.321.26
lenovothinkpad_r490_firmware
𝑥
< 5.2.321.26
lenovothinkpad_r590_firmware
𝑥
< 5.2.321.26
lenovothinkpad_l480_firmware
𝑥
< 5.3.3542.26
lenovothinkpad_l580_firmware
𝑥
< 5.3.3542.26
lenovothinkpad_p1_firmware
𝑥
< 5.3.3542.26
lenovothinkpad_p1_gen_2_firmware
𝑥
< 6.0.36.1105
lenovothinkpad_x1_extreme_2nd_firmware
𝑥
< 6.0.36.1105
lenovothinkpad_p43s_firmware
𝑥
< 6.0.36.1105
lenovothinkpad_p50_firmware
𝑥
< 5.1.338.26
lenovothinkpad_p51_firmware
𝑥
< 5.2.3540.26
lenovothinkpad_p51s_\(20jx\)_firmware
𝑥
< 5.2.3540.26
lenovothinkpad_p51s_\(20kx\)_firmware
𝑥
< 5.2.3540.26
lenovothinkpad_p51s_\(20hx\)_firmware
𝑥
< 5.2.3540.26
lenovothinkpad_p52_firmware
𝑥
< 5.2.3540.26
lenovothinkpad_p52s_firmware
𝑥
< 5.3.3542.26
lenovothinkpad_p53_firmware
𝑥
< 6.0.36.1105
lenovothinkpad_p53s_firmware
𝑥
< 6.0.36.1105
lenovothinkpad_p70_firmware
𝑥
< 5.1.338.26
lenovothinkpad_p71_\(20hx\)_firmware
𝑥
< 5.2.3540.26
lenovothinkpad_p72_firmware
𝑥
< 5.3.3542.26
lenovothinkpad_p73_firmware
𝑥
< 5.3.3542.26
lenovothinkpad_t25_\(20k7\)_firmware
𝑥
< 5.2.3540.26
lenovothinkpad_t460p_firmware
𝑥
< 5.1.338.26
lenovothinkpad_t460s_firmware
𝑥
< 5.1.338.26
lenovothinkpad_t470_\(20hx\)_firmware
𝑥
< 5.2.3540.26
lenovothinkpad_t470_\(20jx\)_firmware
𝑥
< 5.2.3540.26
lenovothinkpad_t470p_firmware
𝑥
< 5.2.3540.26
lenovothinkpad_t470s_\(20hx\)_firmware
𝑥
< 5.2.3540.26
lenovothinkpad_t470s_\(20jx\)_firmware
𝑥
< 5.2.3540.26
lenovothinkpad_t480_firmware
𝑥
< 5.3.3542.26
lenovothinkpad_t480s_firmware
𝑥
< 5.3.3542.26
lenovothinkpad_t490_firmware
𝑥
< 6.0.36.1105
lenovothinkpad_t490s_firmware
𝑥
< 6.0.36.1105
lenovothinkpad_t570_\(20hx\)_firmware
𝑥
< 5.2.3540.26
lenovothinkpad_t570\(20jx\)_firmware
𝑥
< 5.2.3540.26
lenovothinkpad_t580_firmware
𝑥
< 5.3.3542.26
lenovothinkpad_t590_firmware
𝑥
< 6.0.36.1105
lenovothinkpad_x1_carbon_\(20hx\)_firmware
𝑥
< 5.2.3540.26
lenovothinkpad_x1_carbon_\(20kx\)_firmware
𝑥
< 5.3.3542.26
lenovothinkpad_x1_carbon_firmware
𝑥
< 5.1.338.26
lenovothinkpad_x1_yoga_4th_gen_firmware
𝑥
< 5.1.338.26
lenovothinkpad_x1_extreme_firmware
𝑥
< 5.3.3542.26
lenovothinkpad_x1_tablet_firmware
𝑥
< 5.5.40.1058
lenovothinkpad_x1_tablet_\(20jx\)_firmware
𝑥
< 5.2.227.26
lenovothinkpad_x1_yoga_firmware
𝑥
< 5.1.338.26
lenovothinkpad_x1_yoga_\(20jx\)_firmware
𝑥
< 5.2.3540.26
lenovothinkpad_x1_yoga_3rd_gen_firmware
𝑥
< 5.3.3542.26
lenovothinkpad_x270_firmware
𝑥
< 5.2.3540.26
lenovothinkpad_x280_firmware
𝑥
< 5.3.3542.26
lenovothinkpad_x380_yoga_firmware
𝑥
< 5.3.3542.26
lenovothinkpad_x390_firmware
𝑥
< 6.0.36.1105
lenovothinkpad_x390_yoga_firmware
𝑥
< 6.0.36.1105
lenovothinkpad_yoga_370_firmware
𝑥
< 5.2.3540.26
lenovothinkpad_s1_3rd_firmware
𝑥
< 5.2.3540.26
lenovothinkpad_yoga_260_firmware
𝑥
< 5.1.338.26
lenovothinkpad_yoga_s1_firmware
𝑥
< 5.1.338.26
lenovothinkpad_a275_firmware
𝑥
< 5.2.3535.26
hpelite_x2_1012_g2_firmware
𝑥
< 5.2.5026.26
hpelite_x2_1013_g3_firmware
𝑥
< 5.5.21.1099
hpelite_x2_g4_firmware
𝑥
< 5.5.21.1099
hpelitebook_1040_g4_firmware
𝑥
< 5.2.5026.26
hpelitebook_1050_g1_firmware
𝑥
< 5.5.21.1099
hpelitebook_735_g5_firmware
𝑥
< 5.5.21.1099
hpelitebook_735_g6_firmware
𝑥
< 5.5.21.1099
hpelitebook_745_g5_firmware
𝑥
< 5.5.21.1099
hpelitebook_745_g6_firmware
𝑥
< 5.5.21.1099
hpelitebook_755_g5_firmware
𝑥
< 5.5.21.1099
hpelitebook_830_g5_firmware
𝑥
< 5.5.21.1099
hpelitebook_830_g6_firmware
𝑥
< 5.5.21.1099
hpelitebook_836_g5_firmware
𝑥
< 5.5.21.1099
hpelitebook_836_g6_firmware
𝑥
< 5.5.21.1099
hpelitebook_840_g5_firmware
𝑥
< 5.5.21.1099
hpelitebook_840_g5_healthcare_edition_firmware
𝑥
< 5.5.21.1099
hpelitebook_840_g6_firmware
𝑥
< 5.5.21.1099
hpelitebook_840_g6_healthcare_edition_firmware
𝑥
< 5.5.21.1099
hpelitebook_846_g5_firmware
𝑥
< 5.5.21.1099
hpelitebook_846_g5_healthcare_edition_firmware
𝑥
< 5.5.21.1099
hpelitebook_846_g6_firmware
𝑥
< 5.5.21.1099
hpelitebook_846_g6_healthcare_edition_firmware
𝑥
< 5.5.21.1099
hpelitebook_850_g5_firmware
𝑥
< 5.5.21.1099
hpelitebook_850_g6_firmware
𝑥
< 5.5.21.1099
hpelitebook_x360_1020_g2_firmware
𝑥
< 5.2.5026.26
hpelitebook_x360_1030_g2_firmware
𝑥
< 5.2.5026.26
hpelitebook_x360_1030_g3_firmware
𝑥
< 5.5.21.1099
hpelitebook_x360_1030_g4_firmware
𝑥
< 5.5.21.1099
hpelitebook_x360_1040_g5_firmware
𝑥
< 5.5.21.1099
hpelitebook_x360_1040_g6_firmware
𝑥
< 5.5.21.1099
hpelitebook_x360_830_g5_firmware
𝑥
< 5.5.21.1099
hpelitebook_x360_830_g6_firmware
𝑥
< 5.5.21.1099
hppro_x2_612_g2_firmware
𝑥
< 5.2.5026.26
hpprobook_430_g6_firmware
𝑥
< 5.5.21.1099
hpprobook_440_g6_firmware
𝑥
< 5.5.21.1099
hpprobook_445_g6_firmware
𝑥
< 5.5.21.1099
hpprobook_445r_g6_firmware
𝑥
< 5.5.21.1099
hpprobook_450_g6_firmware
𝑥
< 5.5.21.1099
hpprobook_455_g6_firmware
𝑥
< 5.5.21.1099
hpprobook_455r_g6_firmware
𝑥
< 5.5.21.1099
hpprobook_640_g5_firmware
𝑥
< 5.5.21.1099
hpprobook_650_g5_firmware
𝑥
< 5.5.21.1099
hpzbook_14u_g5_firmware
𝑥
< 5.5.21.1099
hpzbook_14u_g6_firmware
𝑥
< 5.5.21.1099
hpzbook_15_g5_firmware
𝑥
< 5.5.21.1099
hpzbook_15_g6_firmware
𝑥
< 5.5.21.1099
hpzbook_15u_g5_firmware
𝑥
< 5.5.21.1099
hpzbook_15u_g6_firmware
𝑥
< 5.5.21.1099
hpzbook_17_g5_firmware
𝑥
< 5.5.21.1099
hpzbook_17_g6_firmware
𝑥
< 5.5.21.1099
hpzbook_studio_g5_firmware
𝑥
< 5.5.21.1099
hpzbook_studio_x360_g5_firmware
𝑥
< 5.5.21.1099
hpzhan_66_pro_13_g2_firmware
𝑥
< 5.5.21.1099
hpzhan_66_pro_14_g2_firmware
𝑥
< 5.5.21.1099
hpzhan_66_pro_15_g2_firmware
𝑥
< 5.5.21.1099
hpzhan_x_13_g2_firmware
𝑥
< 5.5.21.1099
hpelite_slice_firmware
𝑥
< 5.2.3110.26
hpeliteone_1000_g1_firmware
𝑥
< 5.2.5026.26
hpeliteone_1000_g2_firmware
𝑥
< 5.5.21.1099
hpmt44_firmware
𝑥
< 5.5.21.1099
hpmt45_firmware
𝑥
< 5.5.21.1099
hpenvy_x360_firmware
𝑥
< 5.5.26.1102
hppavilion_x360_firmware
𝑥
< 5.5.8.1116
hpspectre_x360_firmware
𝑥
< 5.5.26.1102
𝑥
= Vulnerable software versions
References
https://support.hp.com/us-en/document/c06696474
https://support.lenovo.com/us/en/product_security/LEN-31372
https://www.synaptics.com/company/blog/
https://www.synaptics.com/sites/default/files/fingerprint-sensor-VFS7500-security-brief-2020-07-14.pdf
https://support.hp.com/us-en/document/c06696474
https://support.lenovo.com/us/en/product_security/LEN-31372
https://www.synaptics.com/company/blog/
https://www.synaptics.com/sites/default/files/fingerprint-sensor-VFS7500-security-brief-2020-07-14.pdf