EUVD-2024-37325

Malicious code in bioql PyPI...

The vulnerability of the BMC controller software of Nuvoton BootBlock series, Nuvoton NPCM7xx, related to the bypassing of authentication due to a source error, allows a perpetrator to execute arbitrary code.

The vulnerability of the BMC controller Nuvoton BootBlock series from Nuvoton, specifically the Nuvoton NPCM7xx, relates to the bypassing of authentication due to a fundamental error in the code. Exploiting this vulnerability allows an attacker to execute arbitrary code by modifying the u-boot...

CVE-2024-38433

Nuvoton - CWE-305: Authentication Bypass by Primary Weakness An attacker with write access to the SPI-Flash on an NPCM7xx BMC subsystem that uses the Nuvoton BootBlock reference code can modify the u-boot image header on flash parsed by the BootBlock which could lead to arbitrary code execution...

CVE-2024-38433

Nuvoton - CWE-305: Authentication Bypass by Primary Weakness An attacker with write access to the SPI-Flash on an NPCM7xx BMC subsystem that uses the Nuvoton BootBlock reference code can modify the u-boot image header on flash parsed by the BootBlock which could lead to arbitrary code execution...

CVE-2024-38433 Nuvoton - CWE-305: Authentication Bypass by Primary Weakness

Nuvoton - CWE-305: Authentication Bypass by Primary Weakness An attacker with write access to the SPI-Flash on an NPCM7xx BMC subsystem that uses the Nuvoton BootBlock reference code can modify the u-boot image header on flash parsed by the BootBlock which could lead to arbitrary code execution...

CVE-2024-38433

CVE-2024-38433 affects Nuvoton NPCM7xx BMC subsystem that uses the BootBlock. An attacker with write access to SPI-Flash can modify the u-boot image header parsed by BootBlock, enabling an authentication bypass and potentially arbitrary code execution. The CVSS data in the connected documents ind...

Nuvoton NPCM7xx Security Vulnerability

Nuvoton NPCM7xx is a server remote management control chip from Nuvoton China. A security vulnerability exists in Nuvoton NPCM7xx Poleg BootBlock versions prior to v10.10.19, which originates from bypassing authentication via a major weakness, and can be exploited to modify the u-boot image heade...

PT-2024-5458 · Nuvoton · Nuvoton Npcm7Xx Bmc Subsystem

Name of the Vulnerable Software and Affected Versions: Nuvoton NPCM7xx BMC subsystem affected versions not specified Description: The issue is related to an authentication bypass weakness in the Nuvoton BootBlock reference code used in the Nuvoton NPCM7xx BMC subsystem. An attacker with write...

The vulnerability of the ms_lib_process_bootblock() function in the drivers/usb/storage/ene_ub6250.c file of the ene_usb6250 driver for the ENE SD/MS embedded system in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the mslibprocessbootblock function in the drivers/usb/storage/eneub6250.c file of the eneusb6250 driver for the ENE SD/MS embedded system in the Linux operating system is related to access to memory beyond the allocated buffer. Exploiting this vulnerability could allow a...