173 matches found
Cisco Router SYNful Knock Implant TCP Activator
A router implant vulnerability, known as SYNful Knock has been reported in multiple Cisco routers . A successful exploitation might enable the attacker to modify the router's firmware, and thereby allow running arbitrary code, or using the server as a bot for further attacks...
Attackers Replacing Firmware on Cisco Routers
Cisco routers are built into the fabric of the Internet and enterprise networks, a fact that makes them highly attractive targets for attackers. Researchers at FireEye have come across attacks recently in which hackers have been modifying the firmware of Cisco routers and using that foothold to...
Fiat Chrysler Automobiles Uconnect Remote Elevation of Privilege Vulnerability
Fiat Chrysler Automobiles Uconnect is a suite of in-car information systems from Fiat Chrysler Automobiles FCA in the United States. An unspecified vulnerability exists in Fiat Chrysler Automobiles Uconnect 15.26.1. A remote attacker on the same mobile network could exploit this vulnerability by...
CVE-2014-4498
The CPU Software in Apple OS X before 10.10.2 allows physically proximate attackers to modify firmware during the EFI update process by inserting a Thunderbolt device with crafted code in an Option ROM, aka the "Thunderstrike" issue...
CVE-2014-2046
cgi-bin/rpcBridge in the web interface 1.1 on Broadcom Ltd PIPA C211 rev2 does not properly restrict access, which allows remote attackers to 1 obtain credentials and other sensitive information via a certain request to the config.getValuesHashExcludePaths method or 2 modify the firmware via...
Design/Logic Flaw
cgi-bin/rpcBridge in the web interface 1.1 on Broadcom Ltd PIPA C211 rev2 does not properly restrict access, which allows remote attackers to 1 obtain credentials and other sensitive information via a certain request to the config.getValuesHashExcludePaths method or 2 modify the firmware via...
EUVD-2013-2523
cgi-bin/firmwareupgrade in TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and possibly other models before beta firmware LM.1.6.18P12sign6 allows remote attackers to modify the firmware revision via a "preset" action...
Design/Logic Flaw
IOKit in Apple Mac OS X before 10.6.2 allows local users to modify the firmware of a 1 USB or 2 Bluetooth keyboard via unspecified vectors...
CVE-2009-2834
IOKit in Apple Mac OS X before 10.6.2 allows local users to modify the firmware of a 1 USB or 2 Bluetooth keyboard via unspecified vectors...
security flaw
SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not properly check commands sent to CD devices that have been opened read-only, which could allow local users to conduct unauthorized write activities to modify the firmware of associated SCSI devices...
Multiple Linksys WRT54G router vulnerabilities
Buffer overflow and possibility for unauthorized configuration / firmware modification, static HTTPs key, DoS...
CVE-2004-1190
The CVE-2004-1190 issue affects SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9, where commands sent to CD devices opened read-only were not properly checked. This could permit a local attacker to perform unauthorized writes to the firmware of connected SCSI devices, potentially c...
CVE-2001-1484
Alcatel ADSL modems allow remote attackers to access the Trivial File Transfer Protocol TFTP to modify firmware and configuration via a bounce attack from a system on the local area network LAN side, which is allowed to access TFTP without authentication...