CVE-2023-30633

An issue was discovered in TrEEConfigDriver in Insyde InsydeH2O with kernel 5.0 through 5.5. It can report false TPM PCR values, and thus mask malware activity. Devices use Platform Configuration Registers PCRs to record information about device and software configuration to ensure that the boot...

CVE-2023-26980

PAX Technology PAX A920 Pro PayDroid 8.1suffers from a Race Condition vulnerability, which allows attackers to bypass the payment software and force the OS to boot directly to Android during the boot process. NOTE: the vendor disputes this because the attack is not feasible: the home launcher wil...

CVE-2022-24351

TOCTOU race-condition vulnerability in Insyde InsydeH2O with Kernel 5.2 before version 05.27.29, Kernel 5.3 before version 05.36.29, Kernel 5.4 version before 05.44.13, and Kernel 5.5 before version 05.52.13 allows an attacker to alter data and code used by the remainder of the boot process...

CVE-2022-20826

A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance ASA Software or Cisco Firepower Threat Defense FTD Software could allow an unauthenticated attacker with physical access to the device to bypass the secure bo...

CVE-2022-28793

Given the TEE is compromised and controlled by the attacker, improper state maintenance in StrongBox allows attackers to change Android ROT during device boot cycle after compromising TEE. The patch is applied in Galaxy S22 to prevent change of Android ROT after first initialization at boot time...

CVE-2025-37960

In the Linux kernel, the following vulnerability has been resolved: memblock: Accept allocated memory before use in memblockdoublearray When increasing the array size in memblockdoublearray and the slab is not yet available, a call to memblockfindinrange is used to reserve/allocate memory. Howeve...

Alibaba Cloud Linux 3 : 0026: grub2 (ALINUX3-SA-2021:0026)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0026 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-14865: A flaw was found in the...

CVE-2025-20181

A vulnerability in Cisco IOS Software for Cisco Catalyst 2960X, 2960XR, 2960CX, and 3560CX Series Switches could allow an authenticated, local attacker with privilege level 15 or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the...

PT-2025-20256 · Cisco · Cisco Ios

Name of the Vulnerable Software and Affected Versions: Cisco IOS Software for Cisco Catalyst 2960X, 2960XR, 2960CX, and 3560CX Series Switches affected versions not specified Description: A vulnerability in the software could allow an authenticated, local attacker with high privilege levels or an...

CVE-2025-2762

CarlinKit CPC200-CCPA Missing Root of Trust Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of CarlinKit CPC200-CCPA devices. An attacker must first obtain the ability to execute low-privileged code on the target...

GNU GRUB Buffer Overflow Vulnerability (CNVD-2025-08311)

GNU GRUB is a Linux system boot program from the GNU community. A buffer overflow vulnerability exists in GRUB. The vulnerability stems from the fs/hfs module containing an integer overflow issue that results in heap-based out-of-bounds writes. An attacker can exploit this vulnerability to execut...

CVE-2025-0813

CWE-287: Improper Authentication vulnerability exists that could cause an Authentication Bypass when an unauthorized user without permission rights has physical access to the EPAS-UI computer and is able to reboot the workstation and interrupt the normal boot process...

CVE-2025-20177

A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR image signature verification and load unverified software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges on the...

CVE-2025-20143

A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to bypass the Secure Boot functionality and load unverified software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges o...

CVE-2025-20177 Cisco IOS XR Software Image Verification Bypass Vulnerability

A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR image signature verification and load unverified software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges on the...

CVE-2025-20177

The CVE-2025-20177 issue affects Cisco IOS XR Software during boot. Affected component: boot verification process; root-privileged, authenticated local attacker can bypass image signature verification and load unverified software by manipulating system configuration options, potentially altering ...

PT-2025-11103 · Cisco · Cisco Ios Xr

Name of the Vulnerable Software and Affected Versions: Cisco IOS XR Software affected versions not specified Description: A vulnerability in the boot process could allow an authenticated, local attacker to bypass image signature verification and load unverified software on an affected device. The...

A dive into the Rockchip Bootloader

TL;DR Rockchip has a structured sequence of bootloaders. Using various plugs can allow access to the MCU’s RAM and storage. There are many utilities to allow reading of information from the MCU. Use this guide to access and reverse engineer bootloaders. Introduction Rockchip are a Chinese company...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the arm64 topology initialization not setting smtmask correctly before notifying the CPU to boot, which coul...

CVE-2025-1204

The CVE-2025-1204 entry concerns the Contec Health CMS8000 Patient Monitor. A firmware update binary attempts to mount to a hard-coded routable IP address, bypassing device network settings. The exploit triggers when the C button is pressed at a specific moment during boot, enabling an attacker t...