CVE-2025-0824

Lack of validation for firmware update in Hitachi Hitachi Virtual Storage Platform One Block 23, 24, 26, 28. This issue affects Hitachi Virtual Storage Platform One Block 23, 24, 26, 28: before DKCMAIN A3-04-21-40/00, ESM A3-04-21/00...

CVE-2025-0824 lack of validation for firmware update in Hitachi Virtual Storage

Lack of validation for firmware update in Hitachi Hitachi Virtual Storage Platform One Block 23, 24, 26, 28. This issue affects Hitachi Virtual Storage Platform One Block 23, 24, 26, 28: before DKCMAIN A3-04-21-40/00, ESM A3-04-21/00...

CVE-2025-0824

CVE-2025-0824 describes a vulnerability in the firmware update process of Hitachi Virtual Storage Platform One Block models 23, 24, 26, and 28 (pre-DKCMAIN A3-04-21-40/00, pre-ESM A3-04-21/00) where input/firmware update validation is insufficient. The underlying issue is lack of validation for f...

EUVD-2025-210367

Lack of validation for firmware update in Hitachi Hitachi Virtual Storage Platform One Block 23, 24, 26, 28. This issue affects Hitachi Virtual Storage Platform One Block 23, 24, 26, 28: before DKCMAIN A3-04-21-40/00, ESM A3-04-21/00...

CVE-2025-30199

ECOVACS vacuum robot base stations do not validate firmware updates, so malicious over-the-air updates can be sent to base station via insecure connection between robot and base station...

Ubiquiti UniFi Protect Cameras Firmware Update Insufficient Authentication Vulnerability

Ubiquiti UniFi Protect Cameras is a line of security cameras from Ubiquiti Networks that support the UniFi Protect platform for centralized management with remote access, smart monitoring and more. Ubiquiti UniFi Protect Cameras suffers from a Firmware Update Validation Insufficiency vulnerabilit...

CVE-2025-23117

An Insufficient Firmware Update Validation vulnerability could allow an authenticated malicious actor with access to UniFi Protect Cameras adjacent network to make unsupported changes to the camera system...

CVE-2024-23922

Sony XAV-AX5500 Insufficient Firmware Update Validation Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this vulnerability. The...

CVE-2023-28386

Snap One OvrC Pro devices versions 7.2 and prior do not validate firmware updates correctly. The device only calculates the MD5 hash of the firmware and does not check using a private-public key mechanism. The lack of complete PKI system firmware signature could allow attackers to upload arbitrar...

CVE-2020-10926

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.8410.0.58 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of firmware updates. The issue results fro...