secom CVE Vulnerabilities & Metrics

Focus on secom vulnerabilities and metrics.

Last updated: 08 Mar 2025, 23:25 UTC

About secom Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with secom. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total secom CVEs: 5
Earliest CVE date: 11 Feb 2020, 12:15 UTC
Latest CVE date: 14 Aug 2024, 07:15 UTC

Latest CVE reference: CVE-2024-7732

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 2

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical secom CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 4.5

Max CVSS: 10.0

Critical CVEs (≥9): 1

CVSS Range vs. Count

Range	Count
0.0-3.9	2
4.0-6.9	1
7.0-8.9	1
9.0-10.0	1

CVSS Distribution Chart

Top 5 Highest CVSS secom CVEs

These are the five CVEs with the highest CVSS scores for secom, sorted by severity first and recency.

CVE-2021-35961 secom Published on 16 Jul 2021, 16:15 UTC (CVSS: 10.0)
Dr. ID Door Access Control and Personnel Attendance Management system uses the hard-code admin default credentials that allows remote attackers to access the system through the default password and obtain the highest permission.
CVE-2022-26671 secom Published on 07 Apr 2022, 19:15 UTC (CVSS: 7.5)
Taiwan Secom Dr.ID Access Control system’s login page has a hard-coded credential in the source code. An unauthenticated remote attacker can use the hard-coded credential to acquire partial system information and modify system setting to cause partial disrupt of service.
CVE-2020-3935 secom Published on 11 Feb 2020, 12:15 UTC (CVSS: 5.0)
TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, stores users’ information by cleartext in the cookie, which divulges password to attackers.
CVE-2024-7732 secom Published on 14 Aug 2024, 07:15 UTC (CVSS: 0)
Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents.
CVE-2024-7731 secom Published on 14 Aug 2024, 07:15 UTC (CVSS: 0)
Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents.

All CVEs for secom

CVE-2024-7732 secom vulnerability CVSS: 0 14 Aug 2024, 07:15 UTC

Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents.

CVE-2024-7731 secom vulnerability CVSS: 0 14 Aug 2024, 07:15 UTC

CVE-2022-26671 secom vulnerability CVSS: 7.5 07 Apr 2022, 19:15 UTC

Taiwan Secom Dr.ID Access Control system’s login page has a hard-coded credential in the source code. An unauthenticated remote attacker can use the hard-coded credential to acquire partial system information and modify system setting to cause partial disrupt of service.

CVE-2021-35961 secom vulnerability CVSS: 10.0 16 Jul 2021, 16:15 UTC

Dr. ID Door Access Control and Personnel Attendance Management system uses the hard-code admin default credentials that allows remote attackers to access the system through the default password and obtain the highest permission.

CVE-2020-3935 secom vulnerability CVSS: 5.0 11 Feb 2020, 12:15 UTC

TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, stores users’ information by cleartext in the cookie, which divulges password to attackers.