PT-2025-6174 · Wattsense · Wattsense Bridge

Name of the Vulnerable Software and Affected Versions: Wattsense Bridge versions prior to 6.4.1 Description: The firmware of all Wattsense Bridge devices contains the same hard-coded user and root credentials. The user password can be easily recovered via password cracking attempts. The recovered...

The vulnerability of AMD’s microprogrammed software for processors lies in the violation of data protection mechanisms, allowing attackers to circumvent the SPI ROM protection mechanism.

The vulnerability of AMD’s microprogrammed software lies in the bypass of the data protection mechanism. Exploiting this vulnerability allows an attacker to circumvent the SPI ROM protection mechanism by modifying the data...

CVE-2024-54127 Exposure of Wi-Fi Credentials in Plaintext in TP-Link Archer C50

This vulnerability exists in the TP-Link Archer C50 due to presence of terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the UART shell on the vulnerable device. Successful exploitation of this vulnerability could...

TP-Link Archer C50 安全漏洞

The TP-LINK Archer C50 is a wireless router from China P&L TP-LINK. A security vulnerability exists in the TP-Link Archer C50 prior to version V4 240917, which stems from terminal access on the serial interface that is not properly privileged, allowing an attacker to obtain Wi-Fi credentials on t...

CVE-2024-48973 Debug port on Life2000 Ventilator serial interface is enabled by default

The debug port on the ventilator's serial interface is enabled by default. This could allow an attacker to send and receive messages over the debug port which are unencrypted; see 3.2.1 that result in unauthorized disclosure of information and/or have unintended impacts on device settings and...

CVE-2024-48973 Debug port on Life2000 Ventilator serial interface is enabled by default

The debug port on the ventilator's serial interface is enabled by default. This could allow an attacker to send and receive messages over the debug port which are unencrypted; see 3.2.1 that result in unauthorized disclosure of information and/or have unintended impacts on device settings and...

CVE-2024-9834

Improper data protection on the ventilator's serial interface could allow an attacker to send and receive messages that result in unauthorized disclosure of information and/or have unintended impacts on device settings and performance...

PT-2024-39874 · Unknown · Ventilator

Name of the Vulnerable Software and Affected Versions: Ventilator affected versions not specified Description: The issue concerns improper data protection on the ventilator's serial interface. This could allow an attacker to send and receive messages, resulting in unauthorized disclosure of...

Baxter Life2000 安全漏洞

The Baxter Life2000 is a mask-less non-invasive ventilator from Baxter. A security vulnerability exists in the Baxter Life2000 that stems from improper data protection on the ventilator's serial interface, which could allow an attacker to send and receive messages that could have an unintended...

PT-2024-33307 · Unknown · Ventilator

Name of the Vulnerable Software and Affected Versions: Ventilator affected versions not specified Description: The ventilator's serial interface has its debug port enabled by default, allowing an attacker to send and receive unencrypted messages. This could result in unauthorized disclosure of...

CVE-2019-20462

An issue was discovered on Alecto IVM-100 2019-11-12 devices. The device comes with a serial interface at the board level. By attaching to this serial interface and rebooting the device, a large amount of information is disclosed. This includes the view password and the password of the Wi-Fi acce...

Alecto IVM-100 安全漏洞

The Alecto IVM-100 is a baby monitor with camera from Alecto. A security vulnerability exists in the Alecto IVM-100 version 2019-11-12, which stems from the fact that the device comes with a board-level serial interface, and by connecting to this serial interface and rebooting the device, a large...

PT-2024-10738 · Alecto · Alecto Ivm-100

Name of the Vulnerable Software and Affected Versions: Alecto IVM-100 version 2019-11-12 Description: An issue was discovered where a large amount of information is disclosed when attaching to the serial interface at the board level and rebooting the device. This includes the view password and th...

CVE-2019-20462

An issue was discovered on Alecto IVM-100 2019-11-12 devices. The device comes with a serial interface at the board level. By attaching to this serial interface and rebooting the device, a large amount of information is disclosed. This includes the view password and the password of the Wi-Fi acce...

CVE-2019-20462

An issue was discovered on Alecto IVM-100 2019-11-12 devices. The device comes with a serial interface at the board level. By attaching to this serial interface and rebooting the device, a large amount of information is disclosed. This includes the view password and the password of the Wi-Fi acce...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper protection of the uartportdtrrts function in the serial subsystem, which could trigger a kernel cra...

CVE-2024-43893

...

spi: spi-mt65xx: Fix NULL pointer access in interrupt handler

...

CVE-2023-52650

...

DEBIAN-CVE-2024-44951

In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: fix TX fifo corruption Sometimes, when a packet is received on channel A at almost the same time as a packet is about to be transmitted on channel B, we observe with a logic analyzer that the received packet on...