20 matches found
EUVD-2025-12183
Malicious code in bioql PyPI...
EUVD-2025-12179
Malicious code in bioql PyPI...
CVE-2025-2762
CarlinKit CPC200-CCPA Missing Root of Trust Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of CarlinKit CPC200-CCPA devices. An attacker must first obtain the ability to execute low-privileged code on the target...
CVE-2025-2764
CarlinKit CPC200-CCPA update.cgi Improper Verification of Cryptographic Signature Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of CarlinKit CPC200-CCPA devices. Although authentication is required to exploit...
CVE-2025-2763
CarlinKit CPC200-CCPA Improper Verification of Cryptographic Signature Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of CarlinKit CPC200-CCPA devices. Authentication is not required to exploit this...
CVE-2025-2763
CarlinKit CPC200-CCPA Improper Verification of Cryptographic Signature Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of CarlinKit CPC200-CCPA devices. Authentication is not required to exploit this...
CVE-2025-2762
CarlinKit CPC200-CCPA Missing Root of Trust Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of CarlinKit CPC200-CCPA devices. An attacker must first obtain the ability to execute low-privileged code on the target...
CVE-2025-2765 CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability
CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of CarlinKit CPC200-CCPA devices. Authentication is not required to exploit this vulnerability...
CVE-2025-2765 CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability
CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of CarlinKit CPC200-CCPA devices. Authentication is not required to exploit this vulnerability...
CVE-2025-2765
CVE-2025-2765 affects CarlinKit CPC200-CCPA Wireless Hotspot. The vulnerability is a hard-coded credential issue in the hotspot configuration that enables authentication bypass by network-adjacent attackers with no user interaction. Multiple sources (ZDI advisory ZDI-25-177, Red Hat, CVEs listing...
CVE-2025-2764 CarlinKit CPC200-CCPA update.cgi Improper Verification of Cryptographic Signature Code Execution Vulnerability
CarlinKit CPC200-CCPA update.cgi Improper Verification of Cryptographic Signature Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of CarlinKit CPC200-CCPA devices. Although authentication is required to exploit...
CVE-2025-2763 CarlinKit CPC200-CCPA Improper Verification of Cryptographic Signature Code Execution Vulnerability
CarlinKit CPC200-CCPA Improper Verification of Cryptographic Signature Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of CarlinKit CPC200-CCPA devices. Authentication is not required to exploit this...
CVE-2025-2763 CarlinKit CPC200-CCPA Improper Verification of Cryptographic Signature Code Execution Vulnerability
CarlinKit CPC200-CCPA Improper Verification of Cryptographic Signature Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of CarlinKit CPC200-CCPA devices. Authentication is not required to exploit this...
CVE-2025-2762 CarlinKit CPC200-CCPA Missing Root of Trust Local Privilege Escalation Vulnerability
CarlinKit CPC200-CCPA Missing Root of Trust Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of CarlinKit CPC200-CCPA devices. An attacker must first obtain the ability to execute low-privileged code on the target...
CVE-2025-2762 CarlinKit CPC200-CCPA Missing Root of Trust Local Privilege Escalation Vulnerability
CarlinKit CPC200-CCPA Missing Root of Trust Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of CarlinKit CPC200-CCPA devices. An attacker must first obtain the ability to execute low-privileged code on the target...
CarlinKit CPC200-CCPA 安全漏洞
CarlinKit CPC200-CCPA is a wireless CarPlay and Android Auto adapter from CarlinKit. A security vulnerability exists in the CarlinKit CPC200-CCPA, which stems from a missing hardware root of trust configuration that could lead to local elevation of privilege...
CarlinKit CPC200-CCPA 信任管理问题漏洞
The CarlinKit CPC200-CCPA is a wireless CarPlay and Android Auto adapter from CarlinKit. The CarlinKit CPC200-CCPA suffers from a trust management issue vulnerability that stems from the use of hard-coded credentials in wireless hotspots, which could lead to authentication bypass...
PT-2025-12839 · Carlinkit · Carlinkit Cpc200-Ccpa
Name of the Vulnerable Software and Affected Versions: CarlinKit CPC200-CCPA affected versions not specified Description: The issue is related to an improper verification of cryptographic signature, which can lead to code execution. Recommendations: At the moment, there is no information about a...
(0Day) CarlinKit CPC200-CCPA Missing Root of Trust Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of CarlinKit CPC200-CCPA devices. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
(0Day) CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of CarlinKit CPC200-CCPA devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the wireless hotspot. The issue results from...