CVE-2022-39064

An attacker sending a single malformed IEEE 802.15.4 Zigbee frame makes the TRÅDFRI bulb blink, and if they replay i.e. resend the same frame multiple times, the bulb performs a factory reset. This causes the bulb to lose configuration information about the Zigbee network and current brightness...

CVE-2022-38396

HP Factory Preinstalled Images on certain systems that shipped with Windows 10 versions 20H2 and earlier OS versions might allow escalation of privilege via execution of certain files outside the restricted path. This potential vulnerability was remediated starting with Windows 10 versions 21H2 o...

CVE-2021-25433

Improper authorization vulnerability in Tizen factory reset policy prior to Firmware update JUL-2021 Release allows untrusted applications to perform factory reset using dbus signal...

CVE-2021-36163

In Apache Dubbo, users may choose to use the Hessian protocol. The Hessian protocol is implemented on top of HTTP and passes the body of a POST request directly to a HessianSkeleton: New HessianSkeleton are created without any configuration of the serialization factory and therefore without...

CVE-2021-37436

Amazon Echo Dot devices through 2021-07-02 sometimes allow attackers, who have physical access to a device after a factory reset, to obtain sensitive information via a series of complex hardware and software attacks. NOTE: reportedly, there were vendor marketing statements about safely removing...

CVE-2021-39622

In GBoard, there is a possible way to bypass Factory Reset Protection due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11...

CVE-2021-39678

In of , there is a possible bypass of Factory Reset Protection due to . This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-171742549References: N/A...

CVE-2021-35941

Western Digital WD My Book Live 2.x and later and WD My Book Live Duo all versions have an administrator API that can perform a system factory restore without authentication, as exploited in the wild in June 2021, a different vulnerability than CVE-2018-18472...

CVE-2021-1008

In addSubInfo of SubscriptionController.java, there is a possible way to force the user to make a factory reset due to a logic error in the code. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2021-41545

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. When the controller receives a specific BACnet protocol packet, an exception cause...

CVE-2021-20034

An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings...

CVE-2020-35550

An issue was discovered on Samsung mobile devices with O8.x, P9.0, Q10.0, and R11.0 software. Attackers can bypass Factory Reset Protection FRP via StatusBar. The Samsung ID is SVE-2020-17888 December 2020...

CVE-2020-0443

In LocaleList of LocaleList.java, there is a possible forced reboot due to an uncaught exception. This could lead to local denial of service requiring factory reset to restore with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-...

CVE-2020-25051

An issue was discovered on Samsung mobile devices with P9.0 and Q10.0 software. Attackers can bypass Factory Reset Protection FRP via AppInfo. The Samsung ID is SVE-2020-17758 August 2020...

CVE-2020-10855

An issue was discovered on Samsung mobile devices with P9.0 software. Attackers can bypass Factory Reset Protection FRP via AppTray. The Samsung ID is SVE-2019-16192 January 2020...

CVE-2020-0266

In factory reset protection, there is a possible FRP bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-1110864...

CVE-2020-0029

In the WifiConfigManager, there is a possible storage of location history which can only be deleted by triggering a factory reset. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2020-23592

A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OPV3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack to Reset ONU to Factory Default through ' /mgmdevreset.asp.' Resetting to default leads to Escalation o...

CVE-2020-28340

An issue was discovered on Samsung mobile devices with O8.x, P9.0, Q10.0, and R11.0 software. Attackers can bypass Factory Reset Protection FRP via Secure Folder. The Samsung ID is SVE-2020-18546 November 2020...

CVE-2020-15579

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. Attackers can bypass Factory Reset Protection FRP via the KNOX API. The Samsung ID is SVE-2020-17318 July 2020...