Lucene search
K

271 matches found

Prion
Prion
added 2023/06/15 8:15 p.m.17 views

Design/Logic Flaw

The initialization vector IV used by the secure engine SE for encrypting data stored in the SE flash memory is uninitialized...

1.7CVSS5.5AI score0.00164EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/06/15 7:49 p.m.67 views

CVE-2023-2747

The CVE-2023-2747 issue concerns an uninitialized initialization vector (IV) used by the Secure Engine (SE) to encrypt data stored in SE flash memory, impacting Silicon Labs Gecko SDK/SE firmware. Concrete details from connected documents indicate the affected firmware range is Gecko SE firmware ...

5.5CVSS4.4AI score0.00164EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/15 7:49 p.m.18 views

CVE-2023-2747 Uninitialized IV in Silicon Labs SE FW v2.0.0 through v 2.2.1 for internally stored data

The initialization vector IV used by the secure engine SE for encrypting data stored in the SE flash memory is uninitialized...

3.1CVSS6.7AI score0.00164EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/06/15 12:0 a.m.5 views

PT-2023-21148 · Silabs.Com +1 · Gsdk +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The initialization vector IV used by the secure engine SE for encrypting data stored in the SE flash memory is uninitialized. This issue affects the encryption process, potentially...

5.5CVSS6.8AI score0.00164EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/06/12 12:0 a.m.4 views

BMC AMI 访问控制错误漏洞

BMC AMI BMC Automated Mainframe Intelligence is an automated mainframe intelligence solution from BMC USA. A security vulnerability exists in BMC AMI that stems from allowing an unauthenticated host to write to the mainframe SPI flash memory, bypassing secure boot protection and potentially leadi...

9.1CVSS8.2AI score0.00393EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/04/28 12:0 a.m.11 views

CVE-2023-30024

The MagicJack device, a VoIP solution for internet phone calls, contains a hidden NAND flash memory partition allowing unauthorized read/write access. Attackers can exploit this by replacing the original software with a malicious version, leading to ransomware deployment on the host computer...

6.5AI score0.00472EPSS
Exploits1References4
CVE
CVE
added 2023/04/28 12:0 a.m.68 views

CVE-2023-30024

CVE-2023-30024 concerns the MagicJack A921 USB Phone Jack. The vulnerability stems from a hidden NAND flash memory partition that allows unauthorized read/write access, enabling an attacker to replace the firmware with a malicious version and trigger ransomware deployment on the host computer. Af...

6.6CVSS6.4AI score0.00472EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2023/04/28 12:0 a.m.4 views

MagicJack A921 USB Phone Jack 安全漏洞

MagicJack A921 USB Phone Jack is a USB jack for free local and long distance calls from MagicJack USA. A security vulnerability exists in MagicJack A921 USB Phone Jack version v.1.4, which stems from the presence of an insecure privilege vulnerability. An attacker could exploit the vulnerability ...

6.6CVSS6.6AI score0.00472EPSS
Exploits1References5
Prion
Prion
added 2023/03/23 5:15 p.m.20 views

Design/Logic Flaw

A vulnerability in Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the chain of trust. This...

4.6CVSS6.7AI score0.00375EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/23 12:0 a.m.12 views

CVE-2023-20082 Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches Secure Boot Bypass Vulnerability

A vulnerability in Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the chain of trust. This...

6.1CVSS7.3AI score0.00375EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/03/23 12:0 a.m.31 views

CVE-2023-20082 Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches Secure Boot Bypass Vulnerability

A vulnerability in Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the chain of trust. This...

6.1CVSS6.8AI score0.00375EPSS
Exploits0References1
Cisco
Cisco
added 2023/03/22 4:0 p.m.77 views

Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches Secure Boot Bypass Vulnerability

A vulnerability in Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the chain of trust. This...

6.1CVSS6.5AI score0.00375EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/03/22 12:0 a.m.6 views

PT-2023-2222 · Cisco · Cisco Ios Xe

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches versions prior to 16.11.1 Description: A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker...

6.8CVSS6.7AI score0.00375EPSS
Exploits0References4
OSV
OSV
added 2023/03/03 1:15 p.m.3 views

CVE-2022-45552

An Insecure Permissions vulnerability in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows attackers to obtain sensitive information via SPI bus interface connected to pinout of the NAND flash memory...

7.5CVSS5.8AI score0.00846EPSS
Exploits1References3
NVD
NVD
added 2023/03/03 1:15 p.m.18 views

CVE-2022-45552

An Insecure Permissions vulnerability in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows attackers to obtain sensitive information via SPI bus interface connected to pinout of the NAND flash memory...

7.5CVSS7.3AI score0.00846EPSS
Exploits1References3
Prion
Prion
added 2023/03/03 1:15 p.m.19 views

Design/Logic Flaw

An Insecure Permissions vulnerability in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows attackers to obtain sensitive information via SPI bus interface connected to pinout of the NAND flash memory...

5CVSS7.3AI score0.00846EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/03/03 12:0 a.m.30 views

CVE-2022-45552

An Insecure Permissions vulnerability in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows attackers to obtain sensitive information via SPI bus interface connected to pinout of the NAND flash memory...

7.5AI score0.00846EPSS
Exploits1References1
CVE
CVE
added 2023/03/03 12:0 a.m.63 views

CVE-2022-45552

CVE-2022-45552 concerns an Insecure Permissions vulnerability in Shenzhen Zhiboton Electronics ZBT WE1626 Router v21.06.18. The issue arises from exposure of the NAND flash memory via the SPI bus interface, coupled with insecure permissions, allowing an attacker to read sensitive information from...

7.5CVSS7.2AI score0.00846EPSS
Exploits1References3Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 3:44 a.m.3 views

SUSE CVE-2021-26347

Failure to validate the integer operand in ASP AMD Secure Processor bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service...

4.7CVSS7.2AI score0.00188EPSS
Exploits0References7
CNNVD
CNNVD
added 2023/01/13 12:0 a.m.4 views

NVIDIA DGX 访问控制错误漏洞

NVIDIA DGX is a high-performance workstation for deep learning applications from NVIDIA. A security vulnerability exists in NVIDIA DGX A100. An attacker exploiting this vulnerability could read, write, and erase flash memory, resulting in code execution, privilege escalation, denial of service, a...

8.2CVSS7.8AI score0.00184EPSS
Exploits0References2
Rows per page
Query Builder