209 matches found
Zephyr 安全漏洞
Zephyr is an open source, small, scalable real-time operating system. Zephyr suffers from a security vulnerability that stems from the fact that when setup in conjunction with littlefs, MCUmgr can be used to extract all security-related information from the device. No details of the vulnerability...
CVE-2020-12061
An issue was discovered in Nitrokey FIDO U2F firmware through 1.1. Communication between the microcontroller and the secure element transmits credentials in plain. This allows an adversary to eavesdrop the communication and derive the secrets stored in the microcontroller. As a result, the attack...
CVE-2020-12061
An issue was discovered in Nitrokey FIDO U2F firmware through 1.1. Communication between the microcontroller and the secure element transmits credentials in plain. This allows an adversary to eavesdrop the communication and derive the secrets stored in the microcontroller. As a result, the attack...
CVE-2020-12061
An issue was discovered in Nitrokey FIDO U2F firmware through 1.1. Communication between the microcontroller and the secure element transmits credentials in plain. This allows an adversary to eavesdrop the communication and derive the secrets stored in the microcontroller. As a result, the attack...
PT-2021-9436 · Nitrokey · Nitrokey Fido U2F
Name of the Vulnerable Software and Affected Versions: Nitrokey FIDO U2F firmware versions through 1.1 Description: An issue in the communication between the microcontroller and the secure element allows an adversary to eavesdrop and derive secrets stored in the microcontroller, enabling arbitrar...
CVE-2021-22677
An integer overflow exists in the APIs of the host MCU while trying to connect to a WIFI network may lead to issues such as a denial-of-service condition or code execution on the SimpleLink Wi-Fi MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK versions prior to...
Texas Instruments TI-RTOS-MCU 输入验证错误漏洞
The Texas Instruments TI-RTOS-MCU is an application system from Texas Instruments, Inc. A real-time operating system RTOS for microcontrollers MCUs. The Texas Instruments TI-RTOS-MCU has an input validation error vulnerability that originates from returning a valid pointer to a small buffer on a...
Texas Instruments SimpleLink 输入验证错误漏洞
Texas Instruments SimpleLink is an ultra-low power wireless microcontroller from Texas Instruments. An integer overflow or wrap-around vulnerability exists in multiple Texas Instruments products that originates from an integer overflow in the host MCU's api when attempting to connect to a WIFI...
The vulnerability of the implementation of the ISN generator in the protocols used by uC/OS and uC/TCP-IP allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the ISN generator implementation in the uC/OS and uC/TCP-IP protocols is related to the use of insufficiently random values. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...
PT-2021-2224 · Silicon · Uc/Tcp-Ip
Name of the Vulnerable Software and Affected Versions: Silicon Labs uC/TCP-IP version 3.6.0 Description: The issue is related to the improper randomness of TCP Initial Sequence Numbers ISNs in the stack protocol used by uC/OS and uC/TCP-IP. This could allow a remote attacker to gain unauthorized...
Realtek RTL8195A Buffer Overflow Vulnerability (CNVD-2021-56815)
The Realtek RTL8195A is an IoT microcontroller from Realtek Semiconductor Taiwan, China.A buffer overflow vulnerability exists in versions prior to the Realtek RTL8195A 2.08, which could be exploited by an attacker to inject crafted packets into a WPA2 handshake to emulate an access point and...
Realtek RTL8195A Buffer Overflow Vulnerability (CNVD-2021-56814)
The Realtek RTL8195A is an IoT microcontroller from Realtek Semiconductor Taiwan, China.A buffer overflow vulnerability exists in versions prior to the Realtek RTL8195A 2.08, which could be exploited by an attacker to inject crafted packets into a WPA2 handshake to emulate an access point and...
Realtek RTL8195A Buffer Overflow Vulnerability
The Realtek RTL8195A is an IoT microcontroller from Realtek Semiconductor Taiwan, China.A buffer overflow vulnerability exists in versions prior to the Realtek RTL8195A 2.08, which could be exploited by an attacker to inject crafted packets into a WPA2 handshake to emulate an access point and...
Realtek RTL8195A Buffer Overflow Vulnerability (CNVD-2021-56817)
The Realtek RTL8195A is an IoT microcontroller from Realtek Semiconductor Taiwan, China.A buffer overflow vulnerability exists in versions prior to the Realtek RTL8195A 2.08, which could be exploited by an attacker to inject crafted packets into a WPA2 handshake to emulate an access point and...
Realtek RTL8195A Buffer Overflow Vulnerability (CNVD-2021-56816)
The Realtek RTL8195A is an IoT microcontroller from Realtek Semiconductor Taiwan, China.A buffer overflow vulnerability exists in versions prior to the Realtek RTL8195A 2.08, which could be exploited by an attacker to inject crafted packets into a WPA2 handshake to emulate an access point and...
Gigadevice GD32F103 Code Execution Vulnerability
The Gigadevice GD32F103 is a Mega Easy microcontroller device. The Gigadevice GD32F103 security protection suffers from a code execution vulnerability that can be exploited by a physically-accessible attacker to submit a special request, redirect control flow and execute arbitrary code...
Buffer Overflow Vulnerability in Multiple Realtek Products
Realtek RTL8195AM and others are an IoT microcontroller from Realtek Semiconductor Taiwan, China. A buffer overflow vulnerability exists in several Realtek products. A remote attacker can exploit this vulnerability to execute arbitrary code on a system with the help of specially crafted EAPOL-Key...
The vulnerability of Thunderbolt devices’ microcontrollers, related to errors in the implementation of the SPI Flash interface, allows attackers to gain direct access to the memory of computing devices connected to Thunderbolt interfaces.
The vulnerability of Thunderbolt device microcontrollers is related to errors in the implementation of the SPI Flash interface. Exploiting this vulnerability can allow an attacker to gain direct access to the memory of computing devices, to which Thunderbolt-enabled devices are connected...
The vulnerability of Thunderbolt devices’ microcontrollers, related to errors in the implementation of backward compatibility mechanisms, allows attackers to gain direct access to the memory of computing devices to which Thunderbolt-enabled devices are connected.
The vulnerability of Thunderbolt device microcontrollers is related to errors in the implementation of backward compatibility mechanisms. Exploiting this vulnerability can allow an attacker to gain direct access to the memory of computing devices, to which Thunderbolt-enabled devices are connecte...
The vulnerability of Thunderbolt devices’ microcontrollers stems from the use of a weak authentication scheme for the device. This allows attackers to gain direct access to the memory of the computing device, which is connected to Thunderbolt interfaces.
The vulnerability of Thunderbolt device microcontrollers is related to the use of a weak authentication mechanism for devices. Exploiting this vulnerability can allow attackers to gain direct access to the memory of computing devices, to which Thunderbolt devices are connected...