Synaptics Fingerprint Driver
Approved changes feed: RSS · Atom
cpe:2.3:a:synaptics:synaptics_fingerprint_driver:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Synaptics (1e53599a-a4b7-5a82-8eed-41abd0eccd25) |
|---|---|
| Product | Synaptics Fingerprint Driver (2a19e2d6-16a8-5102-9e57-f4b964853291) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-11772 |
vulnerable | 2026-06-08 07:04:28.903302 |
Co-Installer Privilege Escalation
MEDIUM (6.6)
A carefully crafted DLL, copied to
C:\ProgramData\Synaptics
folder, allows a local user to execute
arbitrary code with elevated privileges during driver installation.
Published: 2025-12-01T18:55:10.227Z
Updated: 2025-12-01T19:08:13.939Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-6482 |
vulnerable | 2026-06-08 06:19:47.456678 |
Encryption key derived from static host information
MEDIUM (5.2)
Use of encryption key derived from static information in Synaptics Fingerprint Driver allows
an attacker to set up a TLS session with the fingerprint sensor and send restricted commands to the fingerprint sensor. This may
allow an attacker, who has physical access to the sensor, to enroll a fingerprint into the
template database.
Published: 2024-01-27T00:19:15.351Z
Updated: 2024-10-18T14:42:11.060Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-5447 |
vulnerable | 2026-06-08 06:19:43.644688 |
Use-After-Free in Service for Hardware Support App for Fingerprint Driver
MEDIUM (5.5)
Missing lock check in SynHsaService may create a use-after-free condition which causes abnormal termination of the service, resulting in denial of service for the Synaptics Hardware Support App.
Published: 2024-05-11T02:41:19.627Z
Updated: 2024-08-02T07:59:44.752Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-3675 |
vulnerable | 2026-06-08 05:33:53.398403 |
synaTEE.signed.dll Out-Of-Bounds Heap Write
MEDIUM (5.5)
Improper Input Validation vulnerability in synaTEE.signed.dll of Synaptics Fingerprint Driver allows a local authorized attacker to overwrite a heap tag, with potential loss of confidentiality. This issue affects: Synaptics Synaptics Fingerprint Driver 5.1.xxx.26 versions prior to xxx=340 on x86/64; 5.2.xxxx.26 versions prior to xxxx=3541 on x86/64; 5.2.2xx.26 versions prior to xx=29 on x86/64; 5.2.3xx.26 versions prior to xx=25 on x86/64; 5.3.xxxx.26 versions prior to xxxx=3543 on x86/64; 5.5.xx.1058 versions prior to xx=44 on x86/64; 5.5.xx.1102 versions prior to xx=34 on x86/64; 5.5.xx.1116 versions prior to xx=14 on x86/64; 6.0.xx.1104 versions prior to xx=50 on x86/64; 6.0.xx.1108 versions prior to xx=31 on x86/64; 6.0.xx.1111 versions prior to xx=58 on x86/64.
Published: 2022-06-16T16:15:00.966Z
Updated: 2024-09-16T17:38:29.835Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.