CVE-2024-44100

Android before 2024-10-05 on Google Pixel devices allows information disclosure in the modem component, A-299774545...

Google Pixel 安全漏洞

Google Pixel is a smartphone from the American company Google Google. Google Pixel has a security vulnerability that stems from allowing information to be leaked in the modem component...

Vivo Fibra Askey RTF8225VW Command Execution Vulnerability

The Vivo Fibra Askey RTF8225VW modem suffers from an input validation vulnerability that allows for full escalation to a functioning shell once logged in and using the restricted aspsh shell. --- Exploit 1 Documentation on the Vivo Fibra Modem Exploit I discovered an exploit that allows access to...

Vivo Fibra Askey RTF8225VW Command Execution

--- Exploit 1 Documentation on the Vivo Fibra Modem Exploit I discovered an exploit that allows access to the sh shell on the Vivo Fibra modem. This method essentially involves terminating the aspsh shell and invoking sh using the output of cat /dev/null. Using the pipe | is crucial for this...

ABB Cylon Aspect 3.08.00 dialupSwitch.php Remote Code Execution

ABB Cylon Aspect 3.08.00 dialupSwitch.php Remote Code Execution Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.00 Summary: ASPECT is an award-winning scalable building energy management an...

CVE-2024-20094

In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00843282; Issue ID: MSV-1535...

CVE-2024-20094

In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00843282; Issue ID: MSV-1535...

CVE-2024-20094

In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00843282; Issue ID: MSV-1535...

CVE-2024-20094

Summary: CVE-2024-20094 describes a vulnerability in the Modem module where a missing bounds check can cause a remote denial-of-service (DoS) without user interaction. The issue is tied to MediaTek MOLY patch MOLY00843282 (MSV-1535). Affected software/area: Modem component in the MediaTek/MOLY st...

MediaTek 芯片 安全漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from a lack of boundary checking in the Modem module, which may crash the system...

PT-2024-19853

Name of the Vulnerable Software and Affected Versions MSM module affected versions not specified Description The issue involves memory corruption when invoking IOCTL calls for the MSM module from user space during audio playback and record. This occurs due to improper handling of IOCTL calls,...

PUB-A-322820753

In mmGetMobileIdIndexForNsUpdate of mmGmmPduCodec.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PUB-A-319834067

there is a possible Null Pointer Dereference modem crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

VulnCheck KEV: CVE-2023-43478

fakeupload.cgi on the Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, allows unauthenticated attackers to upload firmware images and configuration backups, which could allow them to alter the firmware or the configuration on the device, ultimately leading to code...

The vulnerability of the Zabbix universal monitoring system arises from the improper neutralization of special elements used in the command line. This allows a hacker to execute additional AT commands on the modem.

The vulnerability of the Zabbix universal monitoring system lies in the execution of test SMS messages, by providing a specially created phone number, and executing additional AT commands on the modem. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute addition...

CVE-2024-25074

The CVE-2024-25074 issue affects Samsung Semiconductor Mobile Processor and Modem lines, including Exynos 9820/9825/980/990/850/1080/2100/2200/1280/1380/1330/9110/W920/W930 and Modems 5123 and 5300. The root cause is that the baseband software does not properly check a pointer provided by the Ses...

CVE-2024-25074

An issue was discovered in Samsung Semiconductor Mobile Processor and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, Exynos Modem 5300. The...

CVE-2024-23358

Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in Modem...

CVE-2024-23358 Buffer Over-read in Multi Mode Call Processor

Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in Modem...

CVE-2024-23358 Buffer Over-read in Multi Mode Call Processor

Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in Modem...