160 matches found
PT-2023-18242 · Unknown · Bootloader
Name of the Vulnerable Software and Affected Versions: Bootloader versions prior to SMR May-2023 Release 1 Description: A heap out-of-bounds write issue allows a physical attacker to execute arbitrary code. Recommendations: For versions prior to SMR May-2023 Release 1, update to SMR May-2023...
SAMSUNG Mobile devices 缓冲区错误漏洞
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, and more, from the South Korean company Samsung SAMSUNG. A security vulnerability previously existed in SAMSUNG Mobile devices SMR May-2023 Release 1 version, which stemmed from a bootloader program that...
Operator can cause funds to be stolen by manipulating gas fee refund
Lines of code Vulnerability details Impact An operator can manipulate the refund of gas fee mechanism to steal from the bootloader balance. Inside refundCurrentL2Transaction function in the bootloader where the refund is happening for the refund recipient at L1097, the operator provides a value f...
The vulnerability of the Bootloader component of AMD processors allows a hacker to trigger a system failure.
The vulnerability of the Bootloader component of AMD processors exists due to insufficient checking of input data. Exploiting this vulnerability can allow a malicious actor to cause service failure remotely...
Bootloader mode vulnerability in Flexi Soft Gateways v3
The SICK PSIRT received a report about a Missing Authentication for Critical Function vulnerability in the firmware of FX0-GPNT v3 and FX0-GENT v3. This vulnerability was introduced with the hardware redesign of the v3 of FX0-GENT and FX0-GPNT as part of the implementation of the RK512 protocol...
SUSE CVE-2022-34835
In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md" command enables the corruption of the return address pointer of the doi2cmd function...
The vulnerability of the ASP Bootloader for AMD processors allows a hacker to trigger a system failure.
The vulnerability of the ASP Bootloader for AMD processors arises from an operation that occurs outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause a service failure remotely...
PT-2023-1372 · Unknown · Asp Bootloader
Name of the Vulnerable Software and Affected Versions: ASP Bootloader affected versions not specified Description: The issue is related to insufficient syscall input validation in the ASP Bootloader, which may allow a privileged attacker to read memory outside the bounds of a mapped register,...
PT-2023-12087 · Amd · Amd Secure Processor
Name of the Vulnerable Software and Affected Versions: AMD Secure Processor affected versions not specified Description: The issue is related to the failure to validate the integer operand in the ASP bootloader, which may allow an attacker to introduce an integer overflow in the L2 directory tabl...
CVE-2022-2483
The bootloader in the Nokia ASIK AirScale system module versions 474021A.101 and 474021A.102 loads public keys for firmware verification signature. If an attacker modifies the flash contents to corrupt the keys, secure boot could be permanently disabled on a given device...
CVE-2022-24936 Gecko Standalone Bootloader vulnerability may allow bypassing application secure boot in some Series 2 devices
Out-of-Bounds error in GBL parser in Silicon Labs Gecko Bootloader version 4.0.1 and earlier allows attacker to overwrite flash Sign key and OTA decryption key via malicious bootloader upgrade...
Moto E20 Readback Vulnerability
09/11/2022 Update: CVE ID CVE-2022-3917 has been reserved, with Lenovo to publish the Advisory Summary. TL;DR The Motorola E20 is an entry-level smartphone that uses a Unisoc system-on-chip. Motorola holds around 10% of the US smartphone market, though the sales of the E20 as a subset of that are...
DEBIAN-CVE-2022-2347
There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and it does not verify that the transfer direction corresponds to the specified command. Consequently, if a physical attacker crafts a USB DFU download...
PT-2022-4106
Name of the Vulnerable Software and Affected Versions New Horizon Datasys bootloaders before 2022-06-01 Description A flaw was found in the bootloaders, allowing an attacker to bypass or tamper with Secure Boot protections. To load and execute arbitrary code in the pre-boot stage, an attacker nee...
CVE-2022-30316
Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity. According to FSCT-2022-0054, there is a Honeywell Experion PKS Safety Manager unauthenticated firmware update issue. The affected components are characterized as: Firmware update functionality. The...
Out-of-bounds
A malicious or compromised UApp or ABL may be used by an attacker to send a malformed system call to the bootloader, resulting in out-of-bounds memory accesses...
AMD EPYC 安全漏洞
AMD EPYC is an x86 server microprocessor product line from AMD, known as "Xiao Long" in Chinese, which utilizes the Zen microarchitecture. A security vulnerability exists in AMD EPYC UApp/ABL. The vulnerability can be exploited by an attacker to corrupt arbitrary memory by bootloading a program,...
CVE-2021-1111
Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and denial of service across all components...
Samsung Tizen Code Injection Vulnerability (CNVD-2021-51433)
Samsung Tizen is an open-source Linux-based mobile operating system from Samsung, South Korea, for smartphones, tablets, smartwatches, netbooks, in-vehicle messaging and entertainment devices, and smart TVs. Samsung Tizen suffers from a code injection vulnerability that stems from an input...
CVE-2021-34396
Bootloader contains a vulnerability in access permission settings where unauthorized software may be able to overwrite NVIDIA MB2 code, which would result in limited denial of service...