332 matches found
TP-LINK Tapo C200 安全漏洞
The TP-LINK Tapo C200 is a webcam device from China P&L TP-LINK. A security vulnerability exists in TP-LINK Tapo C200 version V1, which stems from an access control issue that allows a physically proximate attacker to gain root access by connecting to the UART pin, interrupting the boot process,...
CVE-2022-46144
A vulnerability has been identified in SCALANCE SC622-2C 6GK5622-2GS00-2AC2 All versions = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 V3.0, SCALANCE WAM763-1 6GK5763-1AL00-7DA0 All versions V2.0.0, SCALANCE WAM766-1 6GK5766-1GE00-7DA0 All versions V2.0.0, SCALANCE WAM766-1 US 6GK5766-1GE00-7DB0 All...
CVE-2022-46144
A vulnerability has been identified in SCALANCE SC622-2C 6GK5622-2GS00-2AC2 All versions = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 V3.0, SCALANCE WAM763-1 6GK5763-1AL00-7DA0 All versions V2.0.0, SCALANCE WAM766-1 6GK5766-1GE00-7DA0 All versions V2.0.0, SCALANCE WAM766-1 US 6GK5766-1GE00-7DB0 All...
CVE-2022-46144
CVE-2022-46144 affects Siemens SCALANCE devices (multiple models: SC622-2C, SC626-2C, SC632-2C, SC636-2C, SC642-2C, SC646-2C, plus W-series variants) where CLI commands are not correctly handled after a user force quits an SSH session. This can leave the CLI via SSH or serial interface irresponsi...
CVE-2022-46144
A vulnerability has been identified in SCALANCE SC622-2C 6GK5622-2GS00-2AC2 All versions = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 V3.0, SCALANCE WAM763-1 6GK5763-1AL00-7DA0 All versions V2.0.0, SCALANCE WAM766-1 6GK5766-1GE00-7DA0 All versions V2.0.0, SCALANCE WAM766-1 US 6GK5766-1GE00-7DB0 All...
BD BodyGuard 授权问题漏洞
BD BodyGuard is a series of small, lightweight, mobile infusion pumps from BD Medical USA. An authorization issue vulnerability exists in BD BodyGuard Pumps that stems from a lack of protection mechanisms for alternate hardware interfaces.The affected BD BodyGuard Infusion Pumps allow access via ...
The vulnerability of the microprogrammed software of the Moxa NE-4100T serial interface converter lies in the lack of authentication procedures, which allows attackers to circumvent existing security restrictions.
The vulnerability of the Microprogrammed Software for Serial Interface Converters Moxa NE-4100T is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow a malicious actor to gain increased privileges remotely...
PT-2022-35527 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 3.16 through 5.10.149 Description: A refcount leak was discovered in the ssi probe function of the omap ssi module. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...
PT-2022-35076 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v3.16 through v6.0.2 Description: A refcount leak was discovered in the ssi probe function of the omap ssi module. The issue was introduced in version v3.16 and is fixed in version v6.0.3. The actual impact and attack...
PT-2022-24406 · Unknown · Smacam Night Vision Cs-Qr20 +1
Name of the Vulnerable Software and Affected Versions: SmaCam CS-QR10 all versions SmaCam Night Vision CS-QR20 all versions Description: A missing protection mechanism for an alternate hardware interface in the affected products allows an attacker to execute an arbitrary OS command by connecting ...
CVE-2022-30316
Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity. According to FSCT-2022-0054, there is a Honeywell Experion PKS Safety Manager unauthenticated firmware update issue. The affected components are characterized as: Firmware update functionality. The...
CVE-2022-30316
Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity. According to FSCT-2022-0054, there is a Honeywell Experion PKS Safety Manager unauthenticated firmware update issue. The affected components are characterized as: Firmware update functionality. The...
CVE-2022-30314
Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The...
CVE-2022-30314
Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The...
CVE-2022-30314
Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The...
Hardcoded credentials
Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity. According to FSCT-2022-0054, there is a Honeywell Experion PKS Safety Manager unauthenticated firmware update issue. The affected components are characterized as: Firmware update functionality. The...
CVE-2022-30314
CVE-2022-30314 affects Honeywell Experion PKS Safety Manager 5.02. The vulnerability arises from hard-coded credentials used to access the POLO bootloader, which is exposed via the DCOM-232/485 serial interface used for firmware management. An attacker with physical or gateway-access to the seria...
CVE-2022-30314
Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The...
CVE-2022-30316
Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity. According to FSCT-2022-0054, there is a Honeywell Experion PKS Safety Manager unauthenticated firmware update issue. The affected components are characterized as: Firmware update functionality. The...
CVE-2022-32295
On Ampere Altra and AltraMax devices before SRP 1.09, the Altra reference design of UEFI accesses allows insecure access to SPI-NOR by the OS/hypervisor component...