Mozilla Firefox Security Advisory (MFSA2016-43) - Deprecated

This host is missing a security update for Mozilla Firefox. This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

ASB-A-174626251

In btmsecpincoderequest of btmsec.cc, there is a possible bypass of Bluetooth pairing pin-code due to improperly used crypto. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

CVE-2020-26555

Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BDADDR of the peer device to complete pairing without knowledge of the PIN...

Code injection

Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BDADDR of the peer device to complete pairing without knowledge of the PIN...

CVE-2020-26555

Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BDADDR of the peer device to complete pairing without knowledge of the PIN...

CVE-2020-26555

Removed by vendor...

CVE-2020-26555

Technical details beyond the initial description are not publicly provided in the connected documents. CVE-2020-26555 relates to Bluetooth BR/EDR PIN pairing impersonation as described; monitor for vendor/advisory updates for fixes and impact.

PT-2021-11245 · Bluetooth Special Interest +6 · Bluetooth Core Specification +6

Name of the Vulnerable Software and Affected Versions: Bluetooth Core Specification versions 1.0B through 5.2 Description: The issue allows an unauthenticated nearby device to spoof the BD ADDR of the peer device to complete pairing without knowledge of the PIN, potentially permitting unauthorize...

Rocket.Chat: Bypass local authentication (PIN code)

Summary: An attacker with physical access to a mobile device can bypass local authentication PIN code. Description: When you set the PIN code to enter the application, the blocking occurs after the time set in the settings after the activity is closed. System time is used as a starting point. It ...

Mofi Network MOFI4500-4GXeLTE 安全特征问题漏洞

The Mofi Network MOFI4500-4GXeLTE is a wireless router from Mofi Network. A security vulnerability exists in the Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices, which can be exploited by an attacker to know the generation algorithm via firmware reverse, and directly calculate the one-time passwo...

CVE-2020-27747

An issue was discovered in Click Studios Passwordstate 8.9 Build 8973.If the user of the system has assigned himself a PIN code for entering from a mobile device using the built-in generator 4 digits, a remote attacker has the opportunity to conduct a brute force attack on this PIN code. As resul...

Code injection

An issue was discovered in Click Studios Passwordstate 8.9 Build 8973.If the user of the system has assigned himself a PIN code for entering from a mobile device using the built-in generator 4 digits, a remote attacker has the opportunity to conduct a brute force attack on this PIN code. As resul...

CVE-2020-27747

An issue was discovered in Click Studios Passwordstate 8.9 Build 8973.If the user of the system has assigned himself a PIN code for entering from a mobile device using the built-in generator 4 digits, a remote attacker has the opportunity to conduct a brute force attack on this PIN code. As resul...

New vulnerability lets hackers use your credit card without pin code

By Sudais Asif The vulnerability was revealed in a report called "The EMV Standard: Break, Fix, Verify." Every time we make a payment using credit/debit cards, the EMV communication protocol is used for processing payments. Having been developed by Europay, Mastercard and Visa, etc. it is used fo...

CVE-2020-0148

In btuhcifpincoderequestevt, btuhciflinkkeyrequestevt, and btuhciflinkkeynotificationevt of btuhcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure via compromised device firmware with System execution privileges needed. Us...

Support for Citrix ADC on Azure – Subscription license with hourly price

Citrix provides support for Citrix ADC Subscription based offering subscription license with hourly price on Azure. For builds greater than or equal to Build 13.0.67.43 To file a support case, you need to present support PIN code of Citrix ADC subscription based offering that you have deployed on...

CVE-2019-17202

FastTrack Admin By Request 6.1.0.0 supports group policies that are supposed to allow only a select range of users to elevate to Administrator privilege at will. If a user does not have direct access to the elevation feature through group policies, they are prompted to enter a PIN code in a...

Privilege escalation

FastTrack Admin By Request 6.1.0.0 supports group policies that are supposed to allow only a select range of users to elevate to Administrator privilege at will. If a user does not have direct access to the elevation feature through group policies, they are prompted to enter a PIN code in a...

CVE-2019-17202

FastTrack Admin By Request 6.1.0.0 supports group policies that are supposed to allow only a select range of users to elevate to Administrator privilege at will. If a user does not have direct access to the elevation feature through group policies, they are prompted to enter a PIN code in a...

Mimikatz v2.2.0 - A Post-Exploitation Tool to Extract Plaintexts Passwords, Hash, PIN Code from Memory

mimikatz is a tool I've made to learn C and make somes experiments with Windows security. It's now well known to extract plaintexts passwords, hash, PIN code and kerberos tickets from memory. mimikatz can also perform pass-the-hash, pass-the-ticket or build Golden tickets. But that's not all!...