IDenticard® PremiSys™ v4.2

IDenticard security release for CVE-2019-3907 and CVE-2019-3908 vulnerabilities

PremiSys v4.2 provides the patch to resolve the CVE-2019-3907 and CVE-2019-3908 vulnerabilities identified by Tenable.

VERY IMPORTANT – PLEASE READ

Make sure that you read and perform these pre-installation instructions prior to upgrading the PremiSys™ software.



Step 1: For access control users of Mercury hardware only. If you had upgraded to PremiSys v4.1 or are using only PremiSys ID, go to Step 2.

A. Upgrade all firmware on Mercury hardware.  [View firmware upgrade instructions]

Controller firmware downloads:

LP 2500LP 1501LP 1502

EP 2500EP 1501 |  EP 1502

IO board firmware downloads:

LP MR52 | EP MR52

B. Review the OEM Code Statement. If the PremiSys access control system is using non-compliant Mercury hardware, you may be required to purchase OEM Code licenses.



Step 2: Confirm that the server and client workstations meet our current PC requirements for PremiSys. [View PC Requirements]

Step 3: For Mobile App Users - PremiSys mobile app users who upgrade to PremiSys v4.2 will need to update their PremiSys mobile app to v2.5. If your mobile app has not automatically updated, visit the App Store or Google Play to manually update the app.

Step 4: Click here to request the PremiSys v4.2 download link to be sent to you via email.

Step 5: Questions? View FAQs

Note for PremiSys API Users - Due to changes in password hashing in PremiSys v4.2, hashed passwords will no longer be accepted in PremiSys APIs. Prior to PremiSys v4.2, the Query API ValidateUser method required a hashed password. API consumers will need to update to send a non-hashed password.


How Did We Do?