CVE Catalog

CVE-2000-0275

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Elevated risk
0.86%

53th percentile — higher than 53% of all known CVEs

Summary

CRYPTOCard CryptoAdmin for PalmOS uses weak encryption to store a user's PIN number, allowing an attacker with access to the .PDB file to generate valid PT-1 tokens after cracking the PIN.

Risk Assessment

Weak encryption exposes the organization to the risk of unauthorized access to the system, potentially leading to identity theft or unauthorized transactions.

Recommendation

It is recommended to update the software to a version with stronger encryption and secure access to .PDB files.

Original NVD description (English source)

CRYPTOCard CryptoAdmin for PalmOS uses weak encryption to store a user's PIN number, which allows an attacker with access to the .PDB file to generate valid PT-1 tokens after cracking the PIN.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS