2024-12-31 01:24:48
twcert
PUBLISHED
The passwordless login mechanism in CGFIDO from Changing Information Technology has an Authentication Bypass vulnerability, allowing remote attackers with regular privileges to send a crafted request to switch to the identity of any user, including administrators.