
160 matches found

Prion
added 2024/12/31 9:15 a.m. · 12 views

CVE-2024-49422

Protection Mechanism Failure in bootloader prior to SMR Oct-2024 Release 1 allows physical attackers to reset lockscreen failure count by hardware fault injection. User interaction is required for triggering this vulnerability...

EPSS 0.00194
Exploits: 0 · References: 1
Cvelist
added 2024/12/31 8:39 a.m. · 14 views

CVE-2024-49422

Protection Mechanism Failure in bootloader prior to SMR Oct-2024 Release 1 allows physical attackers to reset lockscreen failure count by hardware fault injection. User interaction is required for triggering this vulnerability...

CVSS 5.2 · EPSS 0.00194
Exploits: 0 · References: 1
CVE
added 2024/12/31 8:39 a.m. · 62 views

CVE-2024-49422

CVE-2024-49422 describes a protection mechanism failure in the bootloader of Samsung mobile devices. Prior to SMR Oct-2024 Release 1, the bootloader protection can be bypassed by a hardware fault injection, allowing a physical attacker to reset the lockscreen failure count. The exploit requires u...

CVSS 5.2 · AI score 6.9 · EPSS 0.00194
Exploits: 0 · References: 1 · Affected Software: 1
Positive Technologies
added 2024/12/04 12:0 a.m. · 6 views

PT-2024-18658 · Cisco · Nexus 9000 +5

Name of the Vulnerable Software and Affected Versions: Cisco NX-OS Software (affected versions not specified)

Description: A vulnerability in the bootloader of Cisco NX-OS Software could allow an unauthenticated attacker with physical access to an affected device, or an authenticated, local attacke...

CVSS 5.2 · AI score 6.7 · EPSS 0.00299
Exploits: 0 · References: 16
BDU FSTEC
added 2024/10/31 12:0 a.m. · 4 views

A vulnerability in the bootloader component of the Android operating system on Samsung mobile devices allows attackers to compromise the confidentiality, integrity, and availability of protected information.

The vulnerability in the bootloader component of Samsung Android mobile devices is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow attackers to compromise the confidentiality, integrity, and availability of protected information...

CVSS 7.2 · AI score 5.5 · EPSS 0.00317
Exploits: 1 · References: 8 · Affected Software: 1
CNNVD
added 2024/08/23 12:0 a.m. · 2 views

DENX Software Engineering Das U-Boot Security Vulnerability

DENX Software Engineering Das U-Boot is a Universal Bootloader from DENX Software Engineering, Germany. A security vulnerability exists in DENX Software Engineering Das U-Boot. An attacker exploiting this vulnerability could leak between 4 and 32 bytes of memory stored behind packets to the netwo...

CVSS 8.1 · AI score 6.2 · EPSS 0.00598
Exploits: 0 · References: 3
OSV
added 2024/06/04 7:15 a.m. · 4 views

CVE-2024-20880

Stack-based buffer overflow vulnerability in bootloader prior to SMR Jun-2024 Release 1 allows physical attackers to overwrite memory...

CVSS 6.8 · AI score 6.1 · EPSS 0.0025
Exploits: 0 · References: 1
Cvelist
added 2024/06/04 6:42 a.m. · 27 views

CVE-2024-20880

Stack-based buffer overflow vulnerability in bootloader prior to SMR Jun-2024 Release 1 allows physical attackers to overwrite memory...

CVSS 6.4 · AI score 6.4 · EPSS 0.0025
Exploits: 0 · References: 1
Vulnrichment
added 2024/05/07 4:28 a.m. · 16 views

CVE-2024-20865

Authentication bypass in bootloader prior to SMR May-2024 Release 1 allows physical attackers to flash arbitrary images...

CVSS 6.6 · AI score 6.8 · EPSS 0.00317
Exploits: 1 · References: 1
Cvelist
added 2024/03/25 2:31 p.m. · 43 views

CVE-2024-28183 Anti Rollback bypass with physical access and TOCTOU attack

ESP-IDF is the development framework for Espressif SoCs supported on Windows, Linux and macOS. A Time-of-Check to Time-of-Use (TOCTOU) vulnerability was discovered in the implementation of the ESP-IDF bootloader which could allow an attacker with physical access to flash of the device to bypass...

CVSS 6.1 · AI score 6.3 · EPSS 0.00208
Exploits: 2 · References: 8
Positive Technologies
added 2024/03/25 12:0 a.m. · 10 views

PT-2024-4251

Name of the Vulnerable Software and Affected Versions: ESP-IDF versions prior to 4.4.7; ESP-IDF versions prior to 5.2.1

Description: A Time-of-Check to Time-of-Use (TOCTOU) vulnerability was discovered in the implementation of the ESP-IDF bootloader, which could allow an attacker with physical access ...

CVSS 6.1 · AI score 6.1 · EPSS 0.00208
Exploits: 2 · References: 19
CNNVD
added 2024/02/06 12:0 a.m. · 4 views

SAMSUNG Mobile devices buffer error vulnerability

SAMSUNG Mobile devices are a range of mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung (SAMSUNG). SAMSUNG Mobile devices SMR Feb-2024 Release 1 suffers from a buffer error vulnerability that stems from a security issue in the bootloader that could...

CVSS 7.1 · AI score 6.7 · EPSS 0.00203
Exploits: 1 · References: 2
BDU FSTEC
added 2024/01/17 12:0 a.m. · 5 views

A vulnerability in the ASP Bootloader component of AMD firmware allows an attacker to disclose sensitive information or cause system failures.

The vulnerability in the ASP Bootloader firmware for AMD processors is related to a race condition. Exploiting this vulnerability can allow attackers to disclose protected information or cause malfunctions in the system...

CVSS 5.7 · AI score 5.9 · EPSS 0.00257
Exploits: 0 · References: 3
OSV
added 2023/12/05 3:15 a.m. · 4 views

CVE-2023-42561

Heap out-of-bounds write vulnerability in bootloader prior to SMR Dec-2023 Release 1 allows a physical attacker to execute arbitrary code...

CVSS 6.8 · AI score 6 · EPSS 0.00353
Exploits: 0 · References: 1
CNNVD
added 2023/12/05 12:0 a.m. · 4 views

SAMSUNG Mobile devices security vulnerability

SAMSUNG Mobile devices are a range of mobile devices, including cell phones, tablets, etc., from South Korea's Samsung (SAMSUNG). A security vulnerability previously existed in SAMSUNG Mobile devices SMR Dec-2023 Release 1, which stemmed from a heap out-of-bounds write vulnerability in the...

CVSS 7.1 · AI score 6.7 · EPSS 0.00353
Exploits: 0 · References: 1
Positive Technologies
added 2023/11/14 12:0 a.m. · 5 views

PT-2023-8275 · Unknown +1 · Asp Bootloader +1

Name of the Vulnerable Software and Affected Versions: ASP Bootloader (affected versions not specified)

Description: The issue is related to a Time-of-Check-to-Time-of-Use (TOCTOU) vulnerability in the ASP Bootloader, which may allow an attacker with physical access to tamper with SPI ROM records aft...

CVSS 9.8 · AI score 5.5 · EPSS 0.01018
Exploits: 0 · References: 33
CNNVD
added 2023/11/14 12:0 a.m. · 3 views

AMD EPYC Security Vulnerability

AMD EPYC is a line of x86 architecture server microprocessors from AMD, known in Chinese as "霄龙", which utilizes the Zen microarchitecture. A security vulnerability exists in AMD EPYC, which stems from a TOCTOU in the ASP bootloader that could allow an attacker with physical access to tamper with...

CVSS 5.7 · AI score 6.4 · EPSS 0.00257
Exploits: 0 · References: 5
CNNVD
added 2023/10/20 12:0 a.m. · 4 views

Silicon Labs Gecko Bootloader Input Validation Error Vulnerability

Silicon Labs Gecko Bootloader is a bootloader from Silicon Labs, Inc. A security vulnerability exists in Silicon Labs Gecko Bootloader version 4.3.1 and prior versions that originated from allowing unrestricted memory access while reading or writing to a memory slot...

CVSS 7.8 · AI score 6.8 · EPSS 0.00235
Exploits: 0 · References: 3
Positive Technologies
added 2023/05/09 12:0 a.m. · 4 views

PT-2023-17449 · Unknown · Asp Bootloader

Name of the Vulnerable Software and Affected Versions: ASP Bootloader (affected versions not specified)

Description: The issue is related to improper access control settings in ASP Bootloader, which may allow an attacker to corrupt the return address, causing a stack-based buffer overrun. This coul...

CVSS 9.8 · AI score 7.4 · EPSS 0.00789
Exploits: 0 · References: 6
Prion
added 2023/05/04 9:15 p.m. · 24 views

Heap overflow

Heap out-of-bounds write vulnerability in bootloader prior to SMR May-2023 Release 1 allows a physical attacker to execute arbitrary code...

CVSS 4.6 · AI score 6.8 · EPSS 0.00267
Exploits: 0 · References: 1 · Affected Software: 1