168 matches found
CVE-2024-38606
In the Linux kernel, the following vulnerability has been resolved: crypto: qat - validate slices count returned by FW The function adfsendadmintlstart enables the telemetry TL feature on a QAT device by sending the ICPQATFWTLSTART message to the firmware. This triggers the FW to start writing TL...
PT-2024-3509 · Huawei · Huawei Matebook D16
Name of the Vulnerable Software and Affected Versions: Huawei Matebook D16 Model: CREM-WXX9, BIOS: v2.26 Description: The issue is related to insufficient validation of exceptional states in the UEFI BIOS firmware of Huawei personal computers. This can be exploited by a malicious OS attacker to...
AMD EPYC Security Vulnerability
AMD EPYC is an x86 architecture server microprocessor product line from AMD Semiconductor, known in Chinese as "霄龙", which utilizes the Zen microarchitecture. A security vulnerability exists in AMD EPYC™ Processors that stems from insufficient data authenticity validation in AGESA, resulting in a...
Stack overflow
During the retrofit validation process, the firmware doesn't properly check the boundaries while copying some attributes to check. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device...
CVE-2023-23773
Motorola EBTS/MBTS Base Radio fails to check firmware authenticity. The Motorola MBTS Base Radio lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave a persistent impla...
AudioCodes VoIP Phones Insufficient Firmware Validation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2022-055 Product: AudioCodes VoIP Phones Manufacturer: AudioCodes Ltd. Affected Versions: Firmware Versions = 3.4.4.1000 Tested Versions: Firmware Version 3.4.4.1000 Vulnerability Type: Missing Immutable Root of Trust in Hardware...
CVE-2023-22955
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of firmware images only consists of simple checksum checks for different firmware components. Thus, by knowing how to calculate and where to store the required checksums for the flasher tool, an attacker is...
CVE-2023-22955
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of firmware images only consists of simple checksum checks for different firmware components. Thus, by knowing how to calculate and where to store the required checksums for the flasher tool, an attacker is...
CVE-2023-22955
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of firmware images only consists of simple checksum checks for different firmware components. Thus, by knowing how to calculate and where to store the required checksums for the flasher tool, an attacker is...
Design/Logic Flaw
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of firmware images only consists of simple checksum checks for different firmware components. Thus, by knowing how to calculate and where to store the required checksums for the flasher tool, an attacker is...
CVE-2023-22955
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of firmware images only consists of simple checksum checks for different firmware components. Thus, by knowing how to calculate and where to store the required checksums for the flasher tool, an attacker is...
AudioCodes VoIP Data Forgery Issue Vulnerability
AudioCodes VoIP is a series of desk phones from the Israeli company AudioCodes. A security vulnerability exists in AudioCodes VoIP desk phones version 3.4.4.1000 and prior versions, which stems from the validation of firmware images that only contain simple checksums for different firmware...
CVE-2023-22955
AudioCodes VoIP desk phones up to version 3.4.4.1000 are affected. The vulnerability stems from firmware-image validation that uses only simple checksums, enabling an attacker who can influence the flasher tool to inject malicious firmware. Root cause: insufficient validation allowing firmware ta...
CVE-2023-22955
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of firmware images only consists of simple checksum checks for different firmware components. Thus, by knowing how to calculate and where to store the required checksums for the flasher tool, an attacker is...
Remote code execution
Snap One OvrC Pro devices versions 7.2 and prior do not validate firmware updates correctly. The device only calculates the MD5 hash of the firmware and does not check using a private-public key mechanism. The lack of complete PKI system firmware signature could allow attackers to upload arbitrar...
CVE-2023-28386
Snap One OvrC Pro devices versions 7.2 and prior do not validate firmware updates correctly. The device only calculates the MD5 hash of the firmware and does not check using a private-public key mechanism. The lack of complete PKI system firmware signature could allow attackers to upload arbitrar...
CVE-2022-36330
A buffer overflow vulnerability was discovered on firmware version validation that could lead to an unauthenticated remote code execution in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi devices. An attacker would require exploitation of another vulnerability to raise their...
CVE-2022-36330
A buffer overflow vulnerability was discovered on firmware version validation that could lead to an unauthenticated remote code execution in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi devices. An attacker would require exploitation of another vulnerability to raise their...
CVE-2022-36330
CVE-2022-36330 is a buffer overflow vulnerability affecting Western Digital My Cloud Home, My Cloud Home Duo, and SanDisk ibi devices. The issue stems from firmware version validation and could enable an unauthenticated remote code execution, with exploitation requiring prior privilege escalation...
CVE-2022-36330 Buffer Overflow Vulnerability in Western Digital My Cloud Home and ibi devices
A buffer overflow vulnerability was discovered on firmware version validation that could lead to an unauthenticated remote code execution in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi devices. An attacker would require exploitation of another vulnerability to raise their...