CVE-2026-50207 Local Modem Manipulation via Binder Interfaces

The system Binder boundary accepts unverified pass-through AT commands, giving local applications the power to read baseband files or disable cellular connectivity...

The vulnerability of the Zabbix universal monitoring system arises from the improper neutralization of special elements used in the command line. This allows a hacker to execute additional AT commands on the modem.

The vulnerability of the Zabbix universal monitoring system lies in the execution of test SMS messages, by providing a specially created phone number, and executing additional AT commands on the modem. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute addition...

SUSE CVE-2024-22122

Zabbix allows to configure SMS notifications. AT command injection occurs on "Zabbix Server" because there is no validation of "Number" field on Web nor on Zabbix server side. Attacker can run test of SMS providing specially crafted phone number and execute additional AT commands on modem...

DEBIAN-CVE-2024-22122

Zabbix allows to configure SMS notifications. AT command injection occurs on "Zabbix Server" because there is no validation of "Number" field on Web nor on Zabbix server side. Attacker can run test of SMS providing specially crafted phone number and execute additional AT commands on modem...

Nokia C100 安全漏洞

Nokia C100 is a smartphone from Nokia, Finland. A security vulnerability exists in the Nokia C100 and Nokia C200, which arises from the fact that certain software versions of the device contain a vulnerable pre-installed application com.tracfone.tfstatus that allows a local third-party applicatio...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel.Huawei EMUI is a user interface developed by Huawei based on the Android operating system. The Huawei HarmonyOS and EMUI information disclosure...

Privilege escalation

An elevation of privilege vulnerability in the bootloader could enable a local attacker to execute arbitrary modem commands on the device. This issue is rated as High because it is a local permanent denial of service device interoperability: completely permanent or requiring re-flashing the entir...

UBUNTU-CVE-2016-8467

An elevation of privilege vulnerability in the bootloader could enable a local attacker to execute arbitrary modem commands on the device. This issue is rated as High because it is a local permanent denial of service device interoperability: completely permanent or requiring re-flashing the entir...

CVE-2016-8467

An elevation of privilege vulnerability in the bootloader could enable a local attacker to execute arbitrary modem commands on the device. This issue is rated as High because it is a local permanent denial of service device interoperability: completely permanent or requiring re-flashing the entir...

CVE-2016-8467

An elevation of privilege vulnerability in the bootloader could enable a local attacker to execute arbitrary modem commands on the device. This issue is rated as High because it is a local permanent denial of service device interoperability: completely permanent or requiring re-flashing the entir...

CVE-2016-8467

CVE-2016-8467 describes a local elevation-of-privilege flaw in the Nexus bootloader that lets an attacker change the boot mode via fastboot (e.g., fastboot oem config bootmode bp-tools), thereby gaining access to the device and potentially hidden USB interfaces. The described attack alters the an...