CVE-2022-20039

In ccu driver, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06183345; Issue ID: ALPS06183345...

CVE-2022-20039

In ccu driver, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06183345; Issue ID: ALPS06183345...

CVE-2021-0347

In ccu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11; Patch ID:...

Mercedes-Benz HERMES Misconfiguration Vulnerability

Mercedes-Benz HERMES is a telematics control unit equipped in Mercedes-Benz connected vehicles. A misconfiguration vulnerability exists in the debug interface in Mercedes-Benz HERMES 2.1. An attacker with direct physical access to the device hardware could exploit the vulnerability to obtain...

Mercedes-Benz HERMES Certification Bypass Vulnerability

Mercedes-Benz HERMES is a telematics control unit equipped in Mercedes-Benz connected vehicles. An authentication bypass vulnerability exists in the debug interface in Mercedes-Benz HERMES 2.1. An attacker with physical access to the device hardware could exploit this vulnerability to obtain syst...

Mercedes-Benz HERMES Certification Bypass Vulnerability (CNVD-2021-17723)

Mercedes-Benz HERMES is a telematics control unit equipped in Mercedes-Benz connected vehicles. An authentication bypass vulnerability exists in the debug interface in Mercedes-Benz HERMES 1.5. An attacker with physical access to the device hardware could exploit this vulnerability to obtain syst...

Mercedes-Benz HERMES misconfiguration vulnerability (CNVD-2021-17721)

Mercedes-Benz HERMES is a telematics control unit equipped in Mercedes-Benz connected vehicles. A misconfiguration vulnerability exists in the debug interface in Mercedes-Benz HERMES 1. An attacker with direct physical access to the device hardware could exploit the vulnerability to obtain cellul...

Mercedes-Benz HERMES misconfiguration vulnerability (CNVD-2021-17724)

Mercedes-Benz HERMES is a telematics control unit equipped in Mercedes-Benz connected vehicles. A misconfiguration vulnerability exists in the debug interface in Mercedes-Benz HERMES 1.5. An attacker with direct physical access to the device hardware could exploit the vulnerability to obtain...

Mercedes-Benz HERMES Certification Bypass Vulnerability (CNVD-2021-17722)

Mercedes-Benz HERMES is a telematics control unit equipped in Mercedes-Benz connected vehicles. An authentication bypass vulnerability exists in the debug interface in Mercedes-Benz HERMES 1. An attacker with physical access to the device hardware could exploit this vulnerability to obtain system...

Siemens Ktk Uncontrolled Resource Consumption

A vulnerability has been identified in KTK ATE530S All versions, SIDOOR ATD430W All versions, SIDOOR ATE530S COATED All versions, SIDOOR ATE531S All versions, SIMATIC ET 200SP Open Controller CPU 1515SP PC incl. SIPLUS variants All versions = V4.2, SIMATIC ET200SP IM155-6 MF HF All versions,...

CVE-2020-12834

eQ-3 Homematic Central Control Unit CCU2 through 2.51.6 and CCU3 through 3.51.6 allow Remote Code Execution in the JSON API Method ReGa.runScript, by unauthenticated attackers with access to the web interface, due to the default auto-login feature being enabled during first-time setup or factory...

CVE-2020-12834

eQ-3 Homematic Central Control Unit CCU2 through 2.51.6 and CCU3 through 3.51.6 allow Remote Code Execution in the JSON API Method ReGa.runScript, by unauthenticated attackers with access to the web interface, due to the default auto-login feature being enabled during first-time setup or factory...

Connected Home Hubs Open Houses to Full Remote Takeover

Three different connected home hubs – Fibaro Home Center Lite, Homematic Central Control Unit CCU2 and Elko’s eLAN-RF-003 – are vulnerable in their older versions to serious bugs that would allow information disclosure, man-in-the-middle MiTM attacks and unauthenticated remote code execution RCE,...

Information Disclosure

kernel is vulnerable to information disclosure. Information leak flaws were found in the Linux kernel's Traffic Control Unit implementation. A local attacker could use these flaws to cause the kernel to leak kernel memory to user-space, possibly leading to the disclosure of sensitive information...

Design/Logic Flaw

Toyota 2017 Model Year DCU Display Control Unit allows an unauthenticated attacker within Bluetooth range to cause a denial of service attack and/or execute an arbitrary command. The affected DCUs are installed in Lexus LC, LS, NX, RC, RC F, TOYOTA CAMRY, and TOYOTA SIENNA manufactured in the...

CVE-2020-5551

The CVE-2020-5551 entry describes a vulnerability in Toyota 2017 Model Year DCU (Display Control Unit) exposed in Lexus (LC, LS, NX, RC, RC F), Toyota Camry, and Toyota Sienna (regions outside Japan) built Oct 2016–Oct 2019. An unauthenticated attacker within Bluetooth range can trigger a DoS or ...

CVE-2020-5551

Toyota 2017 Model Year DCU Display Control Unit allows an unauthenticated attacker within Bluetooth range to cause a denial of service attack and/or execute an arbitrary command. The affected DCUs are installed in Lexus LC, LS, NX, RC, RC F, TOYOTA CAMRY, and TOYOTA SIENNA manufactured in the...

Toyota 2017 Model Year DCU Arbitrary Code Execution Vulnerability

The Toyota 2017 Model Year DCU is a display control unit used in Toyota vehicles by Toyota Japan. A security vulnerability exists in the Toyota 2017 Model Year DCU Display Control Unit. An attacker could exploit the vulnerability to cause a denial of service or execute arbitrary code...

Reverse Engineering Tesla Hardware

TL;DR How does the Tesla Model S update its firmware? What did we find when reverse engineering the display and instrument cluster? Here’s the result of a couple of weeks work, working on a real vehicle that mostly worked after we had finished. Part 1: analysing the hardware, complete with a 14...

Denial of Service Vulnerability in UDC-301CE Measurement and Control Unit

UDC-301CE measurement and control device is a digital measurement and control device to realize line or transformer interval measurement and control function. A denial of service vulnerability exists in the UDC-301CE, which can be exploited by an attacker to cause a system crash...