PT-2023-12568 · Amd · Amd Secure Processor

Name of the Vulnerable Software and Affected Versions: AMD Secure Processor affected versions not specified Description: The issue is related to the failure to validate the length fields of the ASP sensor fusion hub headers. This may allow an attacker with a malicious Uapp or ABL to map the ASP...

JINS MEME CORE uses a hard-coded cryptographic key

Overview JINS MEME CORE provided by JINS Inc. is a nose pad type sensor attached to a glass frame. JINS MEME CORE uses a hard-coded cryptographic key CWE-321. MASAHIRO IIDA of LAC Co.,Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Earl...

JVN#13306058: JINS MEME CORE uses a hard-coded cryptographic key

JINS MEME CORE provided by JINS Inc. is a nose pad type sensor attached to a glass frame. JINS MEME CORE uses a hard-coded cryptographic key CWE-321. Impact A network-adjacent attacker may decrypt data acquired by a sensor of the affected product. Solution Update the firmware Update the firmware ...

The vulnerability of the microprogrammed software of Schneider Electric Ritto Wiser Door sensor, related to information disclosure during data exchange, allows a intruder to intercept the session.

The vulnerability of Schneider Electric Ritto Wiser Door door sensors’ microprogramming software is related to the disclosure of information during data exchange. Exploiting this vulnerability could allow a intruder to intercept a session...

What’s New in InsightIDR: Q1 2023 in Review

InsightIDR received a number of exciting updates in Q1 2023, including faster search, a redesigned UI, updated investigations, support for Insight Network Sensor, Enhanced Endpoint Telemetry, and more. In our effort to empower practitioners to feel confident in their detection and response...

CVE-2023-21034

In multiple functions of SensorService.cpp, there is a possible access of accurate sensor data due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

Design/Logic Flaw

In multiple functions of SensorService.cpp, there is a possible access of accurate sensor data due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

UBUNTU-CVE-2023-21034

In multiple functions of SensorService.cpp, there is a possible access of accurate sensor data due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

Tenable Sensor Proxy < 1.0.7 Multiple Vulnerabilities (TNS-2023-15)

According to its self-reported version, the Tenable Sensor Proxy application running on the remote host is version 1.0.6. It is, therefore, affected by multiple vulnerabilities in OpenSSL prior to version 1.1.1t: - An attacker that had observed a genuine connection between a client and a server...

Google Pixel 安全漏洞

Google Pixel is a smartphone from the American company Google Google. Google Pixel has a security vulnerability that stems from a privilege bypass that could access accurate sensor data...

CVE-2023-21034

CVE-2023-21034 affects Android 13 devices, with the vulnerability located in multiple SensorService.cpp functions where a permissions bypass may allow access to accurate sensor data, causing local privilege escalation. The issue is described as needing low privileges and no user interaction, with...

Tenable Sensor Proxy Installed

Binary data sensorproxyinstalled.nbin...

CVE-2023-21034

In multiple functions of SensorService.cpp, there is a possible access of accurate sensor data due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

[R1] Sensor Proxy Version 1.0.7 Fixes Multiple Vulnerabilities

R1 Sensor Proxy Version 1.0.7 Fixes Multiple Vulnerabilities Arnie Cabral Thu, 03/16/2023 - 11:55 Sensor Proxy leverages third-party software to help provide underlying functionality. One of the third-party components OpenSSL was found to contain vulnerabilities, and updated versions have been ma...

PUB-A-230358834

In multiple functions of SensorService.cpp, there is a possible access of accurate sensor data due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

CVE-2022-30339

Out-of-bounds read in firmware for the IntelR Integrated Sensor Solution before versions 5.4.2.4579v3, 5.4.1.4479 and 5.0.0.4143 may allow a privileged user to potentially enable denial of service via local access...

CVE-2022-30339

Out-of-bounds read in firmware for the IntelR Integrated Sensor Solution before versions 5.4.2.4579v3, 5.4.1.4479 and 5.0.0.4143 may allow a privileged user to potentially enable denial of service via local access...

CVE-2022-30339

Out-of-bounds read in firmware for the IntelR Integrated Sensor Solution before versions 5.4.2.4579v3, 5.4.1.4479 and 5.0.0.4143 may allow a privileged user to potentially enable denial of service via local access...

Intel Integrated Sensor Solution 缓冲区错误漏洞

Intel Integrated Sensor Solution is an integrated sensor solution utility from Intel Corporation USA. A security vulnerability exists in Intel Integrated Sensor Solution that originates from an out-of-bounds read issue. An attacker could use this vulnerability to cause a denial of service...

PT-2023-13005 · Intel · Intel Integrated Sensor Solution

Name of the Vulnerable Software and Affected Versions: IntelR Integrated Sensor Solution versions prior to 5.4.2.4579v3 IntelR Integrated Sensor Solution versions prior to 5.4.1.4479 IntelR Integrated Sensor Solution versions prior to 5.0.0.4143 Description: The issue is an out-of-bounds read in...