10 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-34302
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In...
Intel® NUC Firmware Advisory
Summary: Potential security vulnerabilities in some Intel® NUC BIOS firmware may allow escalation of privilege or information disclosure. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2022-34301Non-Intel issued Description:...
RHEL 9 : fwupd (RHSA-2023:2487)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2487 advisory. The fwupd packages provide a service that allows session software to update device firmware. Security Fixes: fwupd: world readable password ...
Moderate: Red Hat Security Advisory: fwupd security and bug fix update
An update for fwupd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
ALSA-2023:2487 Moderate: fwupd security and bug fix update
The fwupd packages provide a service that allows session software to update device firmware. Security Fixes: fwupd: world readable password in /etc/fwupd/redfish.conf CVE-2022-3287 shim: 3rd party shim allow secure boot bypass CVE-2022-34301 shim: 3rd party shim allow secure boot bypass...
Moderate: fwupd security and bug fix update
The fwupd packages provide a service that allows session software to update device firmware. Security Fixes: fwupd: world readable password in /etc/fwupd/redfish.conf CVE-2022-3287 shim: 3rd party shim allow secure boot bypass CVE-2022-34301 shim: 3rd party shim allow secure boot bypass...
CVE-2022-34302
CVE-2022-34302 affects signed bootloaders in the UEFI Secure Boot chain (New Horizon Datasys bootloader). An attacker can bypass Secure Boot and load unsigned code in the pre-boot stage by replacing the currently used signed bootloader. This requires access to the EFI System Partition to boot wit...
CVE-2022-34302
A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader...
CVE-2022-34302
creationtimestamp| type| source ---|---|--- 2022-08-15 11:40:58+00:00| exploited| https://t.me/truesecator/3290 2022-08-15 16:43:40+00:00| seen| https://t.me/itsecnews/1207 2022-08-16 14:16:17+00:00| seen| https://t.me/itsecnews/1216 2022-08-16 18:50:04+00:00| seen| https://t.me/truesecator/3298...
CERT/CC: CVE-2022-34302 New Horizon Data Systems Inc Boot Loader Bypass
...