CVE-2017-15567

Name: CVE-2017-15567
Creator: NVD / NIST
Published: 2017-10-23T08:29:00.68+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.25%

Last modified Jun 17, 2026

CVE-2017-15567 is a vulnerability of currently unknown severity. The certificate import component in IDEMIA (formerly Morpho) MorphoSmart 1300 Series (aka MSO 1300 Series) devices allows local users to obtain a command shell, and consequently gain privileges, via unspecified vectors. NOTE: the vendor disputes this because there is no command shell in the product or in the associated SDK. EPSS estimates a 0.25% chance of exploitation in the next 30 days.

Description

The certificate import component in IDEMIA (formerly Morpho) MorphoSmart 1300 Series (aka MSO 1300 Series) devices allows local users to obtain a command shell, and consequently gain privileges, via unspecified vectors. NOTE: the vendor disputes this because there is no command shell in the product or in the associated SDK

Metrics

EPSS Probability

0.25%

16.4th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Idemia	Mso 1300 Firmware	All versions

References

https://gist.github.com/shiham101/4c49ece8ecac7c3c02ecbc6942aeca80Third Party Advisory
https://gist.github.com/shiham101/4c49ece8ecac7c3c02ecbc6942aeca80Third Party Advisory

Timeline

Published: Oct 23, 2017
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2017-15567?

How severe is CVE-2017-15567?

Severity scoring for CVE-2017-15567 is pending analysis. The EPSS model estimates a 0.25% probability of exploitation in the next 30 days.

How do I fix CVE-2017-15567?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-15567?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST