13 matches found
PT-2026-34742
Name of the Vulnerable Software and Affected Versions Carlson VASCO-B GNSS Receiver affected versions not specified Description The Carlson VASCO-B GNSS Receiver lacks an authentication mechanism. This allows an attacker with network access to directly access and modify its configuration and...
GNSS SpAmming: A Spoofing-Based GNSS Denial-Of-Service Attack
GNSSs are vulnerable to attacks of two kinds: jamming i.e. denying access to the signal and spoofing i.e. impersonating a legitimate satellite. These attacks have been extensively studied, and we have a myriad of countermeasures to mitigate them. In this paper we expose a new type of attack:...
Leica Geosystems GNSS 安全漏洞
Leica Geosystems GNSS is a line of mapping equipment from Leica Germany. A security vulnerability exists in Leica Geosystems GNSS version 4.30.063, which stems from the presence of stored cross-site scripting in the configuration file upload function that could lead to the execution of arbitrary...
CVE-2025-20747
In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10010443; Issue ID: MSV-3966...
Meta-Learning Based Radio Frequency Fingerprinting for GNSS Spoofing Detection
The rapid development of technology has led to an increase in the number of devices that rely on position, velocity, and time PVT information to perform their functions. As such, the Global Navigation Satellite Systems GNSS have been adopted as one of the most promising solutions to provide PVT...
CVE-2025-20722
In gnss driver, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09920036; Issue ID: MSV-3798...
CVE-2025-20723
In gnss driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09920033; Issue ID: MSV-3797...
Authentication Security of PRF GNSS Ranging
This work derives the authentication security of pseudorandom function PRF GNSS ranging under multiple GNSS spoofing models, including the Security Code Estimation and Replay SCER spoofer. When GNSS ranging codes derive from a PRF utilizing a secret known only to the broadcaster, the spoofer cann...
The unexpected effects of GPS spoofing on aviation safety
GPS is one service in the Global Navigation Satellite System GNSS. Others include Russia’s GLONASS and the EU’s Galileo constellations. These are all used to provide Position, Navigation, and Timing PNT to civilian users including commercial aircraft. GPS was actually designed to have military...
PT-2024-27995 · Qualcomm · Qualcomm Snapdragon Auto
Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon Auto affected versions not specified Description: The issue is related to memory corruption during the GNSS HAL process initialization. Recommendations: At the moment, there is no information about a newer version that...
Qualcomm Chipsets 安全漏洞
Qualcomm Chipsets are a family of chipsets from Qualcomm, Inc. A security vulnerability exists in Qualcomm Chipsets that originates from a memory corruption during the initialization of the GNSS HAL process...
CVE-2023-32817
In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08044040; Issue ID: ALPS08044035...
The vulnerability of the Qualcomm GNSS API component in the Android operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the Qualcomm GNSS API in the Android operating system is related to errors in pointer arithmetic. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...