196 matches found
A Comprehensive Study on Cyber Attack Vectors in EV Traction Power Electronics
Electric vehicles EVs have drastically changed the auto industry and developed a new era of technologies where power electronics play the leading role in traction management, energy conversion and vehicle control processes. Nevertheless, this is a digital transformation, and the cyber-attack...
[SECURITY] Fedora 43 Update: python-platformio-6.1.18-7.fc43
PlatformIO is a cross-platform, cross-architecture, multiple framework, professional tool for embedded systems engineers and for software developers who write applications for embedded products...
[SECURITY] Fedora 41 Update: inih-62-1.fc41
The inih package provides simple INI file parser which is only a couple of pages of code, and it was designed to be small and simple, so it's good for embedded systems...
CVE-2025-31702
A vulnerability exists in certain Dahua embedded products. Third-party malicious attacker with obtained normal user credentials could exploit the vulnerability to access certain data which are restricted to admin privileges, such as system-sensitive files through specific HTTP request. This may...
[SECURITY] Fedora 42 Update: inih-62-1.fc42
The inih package provides simple INI file parser which is only a couple of pages of code, and it was designed to be small and simple, so it's good for embedded systems...
EUVD-2019-5249
Malware in sbrugna...
EUVD-2017-4360
Malware in sbrugna...
EUVD-2021-18141
Malware in sbrugna...
EUVD-2023-34358
Malicious code in bioql PyPI...
Hybrid Cryptographic Monitoring System for Side-Channel Attack Detection on PYNQ SoCs
AES-128 encryption is theoretically secure but vulnerable in practical deployments due to timing and fault injection attacks on embedded systems. This work presents a lightweight dual-detection framework combining statistical thresholding and machine learning ML for real-time anomaly detection. B...
wolfSSL(CyaSSL) 安全漏洞
wolfSSL CyaSSL is a small, portable embedded SSL programming library for use by embedded systems developers from wolfSSL, Inc. in the United States. A security vulnerability exists in wolfSSL CyaSSL that stems from a certificate validation error that could cause a client to accept a certificate...
Characterizing Security and Privacy Teaching Standards for Schools in the United States
Increasingly, students begin learning aspects of security and privacy during their primary and secondary education grades K-12 in the United States. Individual U.S. states and some national organizations publish teaching standards -- guidance that outlines expectations for what students should...
CVE-2025-34034
CVE-2025-34034 relates to a hardcoded credential vulnerability in the Blue Angel Software Suite on embedded Linux devices. The affected software contains multiple default/hardcoded user accounts not disclosed publicly, allowing unauthenticated or low-privilege attackers to gain administrative acc...
[SECURITY] Fedora 41 Update: dropbear-2025.88-1.fc41
Dropbear is a relatively small SSH server and client. It's particularly useful for "embedded"-type Linux or other Unix systems, such as wireless routers...
CVE-2019-13991
Embedded systems based on Arduino before Rev3 allow remote attackers to send data to LEDs directly connected to GPIO pins via a laser, because of LED photosensitivity...
ACE: Confidential Computing for Embedded RISC-V Systems
Confidential computing plays an important role in isolating sensitive applications from the vast amount of untrusted code commonly found in the modern cloud. We argue that it can also be leveraged to build safer and more secure mission-critical embedded systems. In this paper, we introduce the...
AES-RV: Hardware-Efficient RISC-V Accelerator with Low-Latency AES Instruction Extension for IoT Security
The Advanced Encryption Standard AES is a widely adopted cryptographic algorithm essential for securing embedded systems and IoT platforms. However, existing AES hardware accelerators often face limitations in performance, energy efficiency, and flexibility. This paper presents AES-RV, a...
Complexity of Post-Quantum Cryptography in Embedded Systems and Its Optimization Strategies
With the rapid advancements in quantum computing, traditional cryptographic schemes like Rivest-Shamir-Adleman RSA and elliptic curve cryptography ECC are becoming vulnerable, necessitating the development of quantum-resistant algorithms. The National Institute of Standards and Technology NIST ha...
fprime 安全漏洞
fprime is a NASA open source framework for flight software and embedded systems. A security vulnerability exists in fprime v3.4.3, which stems from multiple cross-site scripting vulnerabilities...
The vulnerability of microprogramming software in embedded network control controllers of ASPECT Enterprise, NEXUS Series, and MATRIX Series systems relates to the possibility of manipulating cross-site requests. This allows attackers to carry out CSRF attacks.
The vulnerability of microprogramming software in embedded network control devices of ASPECT Enterprise, NEXUS Series, and MATRIX Series is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a remote attacker to execute a CSRF attack...