63 matches found
CVE-2019-8799
This issue was resolved by replacing device names with a random identifier. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15, watchOS 6, tvOS 13. An attacker in physical proximity may be able to passively observe device names in AWDL communications...
Code injection
Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during...
hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)
A flaw was discovered in the Bluetooth protocol. An attacker within physical proximity to the Bluetooth connection could downgrade the encryption protocol to be trivially brute forced...
kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP
A flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capparseconfrsp and l2capparseconfreq functions. An attacker with physical access within the range of standard Bluetooth transmission can create a...
Tap 'n Ghost Attack Creatively Targets Android Devices
Researchers have created a novel proof-of-concept PoC attack named Tap ‘n Ghost, which targets Near Field Communication NFC-enabled Android smartphones. This allows an attacker to take control of a target phone simply by tricking the victim into placing their handset on a specially crafted surfac...
Bluetooth Flaw Found in Google Titan Security Keys; Get Free Replacement
A team of security researchers at Microsoft discovered a potentially serious vulnerability in the Bluetooth-supported version of Google's Titan Security Keys that could not be patched with a software update. However, users do not need to worry as Google has announced to offer a free replacement f...
Bluetooth® pairing vulnerability
Summary: Bluetooth Pairing update. Description: A vulnerability in Bluetooth® pairing potentially allows an attacker with physical proximity within 30 meters to gain unauthorized access via an adjacent network, intercept traffic and send forged pairing messages between two vulnerable Bluetooth®...
CVE-2018-4123
An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves alarm and timer handling in the "Clock" component. It allows physically proximate attackers to discover the iTunes e-mail address...
CVE-2017-7065
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. The issue involves the "Wi-Fi" component. It allows remote attackers to execute arbitrary code on the Wi-Fi chip or cause a denial of service memory...
Multiple Thales nShield Connect Hardware Privilege Access Control Vulnerabilities
Thales nShield Connect hardware models 500 and others are networked HSM Hardware Security Module devices from Thales e-Security, USA. A security vulnerability exists in several models of Thales nShield Connect hardware. An attacker in close physical proximity could exploit this vulnerability to...
CVE-2017-7407
The ourWriteOut function in toolwriteout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument ending in a '%' character, which leads to a...
CVE-2016-7765
An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Clipboard" component, which allows physically proximate attackers to obtain sensitive information in the lockscreen state by viewing clipboard contents...
Design/Logic Flaw
internal/telephony/SMSDispatcher.java in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism, and send premium SMS messages during the...
CVE-2016-6257
The firmware in Lenovo Ultraslim dongles, as used with Lenovo Liteon SK-8861, Ultraslim Wireless, and Silver Silk keyboards and Liteon ZTM600 and Ultraslim Wireless mice, does not enforce incrementing AES counters, which allows remote attackers to inject encrypted keyboard input into the system b...
UBUNTU-CVE-2016-2421
Setup Wizard in Android 5.1.x before 5.1.1 and 6.x before 2016-04-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 26154410...
CVE-2016-0812
The interceptKeyBeforeDispatching function in policy/src/com/android/internal/policy/impl/PhoneWindowManager.java in Setup Wizard in Android 5.1.x before 5.1.1 LMY49G and 6.0 before 2016-02-01 does not properly check for setup completion, which allows physically proximate attackers to bypass the...
UBUNTU-CVE-2016-0812
The interceptKeyBeforeDispatching function in policy/src/com/android/internal/policy/impl/PhoneWindowManager.java in Setup Wizard in Android 5.1.x before 5.1.1 LMY49G and 6.0 before 2016-02-01 does not properly check for setup completion, which allows physically proximate attackers to bypass the...
CVE-2015-1319
The CVE-2015-1319 issue affects the Unity Settings Daemon in Ubuntu 14.04 LTS and 15.04. It arises because the daemon does not reliably detect when the screen is locked, allowing a physically proximate attacker to mount removable media (e.g., a USB thumb drive) while the session is locked. Affect...
Design/Logic Flaw
Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not properly maintain the state of password failures, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by entering password guesses within multiple Unlock.e...
CVE-2013-2891
drivers/hid/hid-steelseries.c in the Human Interface Device HID subsystem in the Linux kernel through 3.11, when CONFIGHIDSTEELSERIES is enabled, allows physically proximate attackers to cause a denial of service heap-based out-of-bounds write via a crafted device...