PT-2023-25072 · Hitachi · Hitachi Eh-View

Name of the Vulnerable Software and Affected Versions: Hitachi EH-VIEW KeypadDesigner affected versions not specified Description: The issue is an Out-of-bounds Write vulnerability that allows local attackers to potentially execute arbitrary code on affected installations. User interaction is...

Numlockが勝手に切り替わる

公開デスクトップ利用中に USB テンキーパッドのオン・オフが勝手に切り替わってしまうことがありました。 ・USB テンキーパッドの機種を変更したところ、事象が発生しなくなりました ・使用アプリケーションや操作内容には依存しません ・USB テンキーパッド部分の操作中、意図せず発生した事象であり、キーボードのその他キー操作では発生しませんでした ・なお、接続元端末における以下のレジストリ設定変更では解消しませんでした。 HKEYLOCALMACHINE\SOFTWARE\Wow6432Node\Citrix\ICA Client\Engine\Lockdown Profiles\All...

CVE-2023-27648

Directory Traversal vulnerability found in T-ME Studios Change Color of Keypad v.1.275.1.277 allows a remote attacker to execute arbitrary code via the dex file in the internal storage...

CVE-2023-27648

Directory Traversal vulnerability found in T-ME Studios Change Color of Keypad v.1.275.1.277 allows a remote attacker to execute arbitrary code via the dex file in the internal storage...

CVE-2023-27648

Directory Traversal vulnerability found in T-ME Studios Change Color of Keypad v.1.275.1.277 allows a remote attacker to execute arbitrary code via the dex file in the internal storage...

CVE-2023-27648

CVE-2023-27648: A directory traversal vulnerability affects T-ME Studios Change Color of Keypad v1.275.1.277. The flaw enables a remote attacker to execute arbitrary code via a dex file stored in internal storage. Severity is reflected as CRITICAL (CVSS 3.1, base score 9.8). Root cause involves u...

PT-2023-21281 · T Me Studios · T-Me Studios Change Color Of Keypad

Name of the Vulnerable Software and Affected Versions: T-ME Studios Change Color of Keypad version 1.275.1.277 Description: A Directory Traversal issue allows a remote attacker to execute arbitrary code via the dex file in the internal storage. This enables the attacker to potentially access and...

SUSE CVE-2006-1335

gnome screensaver before 2.14, when running on an X server with AllowDeactivateGrabs and AllowClosedownGrabs enabled, allows attackers with physical access to cause the screensaver to crash and access the session via the Ctl+Alt+Keypad-Multiply keyboard sequence, which removes the grab from gnome...

CVE-2022-29948

Due to an insecure design, the Lepin EP-KP001 flash drive through KP001V19 is vulnerable to an authentication bypass attack that enables an attacker to gain access to the stored encrypted data. Normally, the encrypted disk partition with this data is unlocked by entering the correct passcode 6 to...

CVE-2022-28386

An issue was discovered in certain Verbatim drives through 2022-03-31. The security feature for lockout e.g., requiring a reformat of the drive after 20 failed unlock attempts does not work as specified. More than 20 attempts may be made. This affects Keypad Secure USB 3.2 Gen 1 Drive Part Number...

CVE-2022-28386

An issue was discovered in certain Verbatim drives through 2022-03-31. The security feature for lockout e.g., requiring a reformat of the drive after 20 failed unlock attempts does not work as specified. More than 20 attempts may be made. This affects Keypad Secure USB 3.2 Gen 1 Drive Part Number...

Security feature bypass

An issue was discovered in certain Verbatim drives through 2022-03-31. The security feature for lockout e.g., requiring a reformat of the drive after 20 failed unlock attempts does not work as specified. More than 20 attempts may be made. This affects Keypad Secure USB 3.2 Gen 1 Drive Part Number...

CVE-2022-28384

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they allow an offline brute-force attack for determining the correct passcode, and thus gaining unauthorized access to the stored encrypted data. This affects Keypad Secure USB 3.2 Gen 1 Drive Part...

CVE-2022-28383

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to insufficient firmware validation, an attacker can store malicious firmware code for the USB-to-SATA bridge controller on the USB drive e.g., by leveraging physical access during the supply chain. This code is then...

CVE-2022-28384

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they allow an offline brute-force attack for determining the correct passcode, and thus gaining unauthorized access to the stored encrypted data. This affects Keypad Secure USB 3.2 Gen 1 Drive Part...

CVE-2022-28383

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to insufficient firmware validation, an attacker can store malicious firmware code for the USB-to-SATA bridge controller on the USB drive e.g., by leveraging physical access during the supply chain. This code is then...

CVE-2022-28382

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to the use of an insecure encryption AES mode Electronic Codebook, aka ECB, an attacker may be able to extract information even from encrypted data, for example by observing repeating byte patterns. The firmware of the...

CVE-2022-28382

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to the use of an insecure encryption AES mode Electronic Codebook, aka ECB, an attacker may be able to extract information even from encrypted data, for example by observing repeating byte patterns. The firmware of the...

Verbatim Keypad Secure USB Drive 安全漏洞

The Verbatim Keypad Secure USB Drive is a hardware encrypted USB flash drive from the Chinese company Verbatim. A security vulnerability exists in the Verbatim Keypad Secure USB Drive, which arises from an insecure design and can be exploited by an attacker to brute-force break a password offline...

PT-2022-18992 · Verbatim · Verbatim Drives

Name of the Vulnerable Software and Affected Versions: Verbatim drives affected versions not specified Description: An issue was discovered in certain Verbatim drives due to insufficient firmware validation. An attacker can store malicious firmware code for the USB-to-SATA bridge controller on th...