321 matches found
PT-2022-35076 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v3.16 through v6.0.2 Description: A refcount leak was discovered in the ssi probe function of the omap ssi module. The issue was introduced in version v3.16 and is fixed in version v6.0.3. The actual impact and attack...
PT-2022-24406 · Unknown · Smacam Night Vision Cs-Qr20 +1
Name of the Vulnerable Software and Affected Versions: SmaCam CS-QR10 all versions SmaCam Night Vision CS-QR20 all versions Description: A missing protection mechanism for an alternate hardware interface in the affected products allows an attacker to execute an arbitrary OS command by connecting ...
CVE-2022-30316
Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity. According to FSCT-2022-0054, there is a Honeywell Experion PKS Safety Manager unauthenticated firmware update issue. The affected components are characterized as: Firmware update functionality. The...
CVE-2022-30316
Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity. According to FSCT-2022-0054, there is a Honeywell Experion PKS Safety Manager unauthenticated firmware update issue. The affected components are characterized as: Firmware update functionality. The...
CVE-2022-30314
Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The...
CVE-2022-30314
Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The...
CVE-2022-30314
Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The...
Hardcoded credentials
Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity. According to FSCT-2022-0054, there is a Honeywell Experion PKS Safety Manager unauthenticated firmware update issue. The affected components are characterized as: Firmware update functionality. The...
CVE-2022-30314
CVE-2022-30314 affects Honeywell Experion PKS Safety Manager 5.02. The vulnerability arises from hard-coded credentials used to access the POLO bootloader, which is exposed via the DCOM-232/485 serial interface used for firmware management. An attacker with physical or gateway-access to the seria...
CVE-2022-30314
Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The...
CVE-2022-30316
Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity. According to FSCT-2022-0054, there is a Honeywell Experion PKS Safety Manager unauthenticated firmware update issue. The affected components are characterized as: Firmware update functionality. The...
CVE-2022-32295
On Ampere Altra and AltraMax devices before SRP 1.09, the Altra reference design of UEFI accesses allows insecure access to SPI-NOR by the OS/hypervisor component...
PT-2022-3178 · Honeywell +1 · Honeywell Experion Pks Safety Manager +1
Name of the Vulnerable Software and Affected Versions: Honeywell Experion PKS Safety Manager version 5.02 Description: The issue is related to the use of hard-coded credentials in the Honeywell Experion PKS Safety Manager. The affected component is the POLO bootloader. An attacker with access to...
PT-2022-9730 · Amd +1 · Amd Secure Processor +1
Name of the Vulnerable Software and Affected Versions: AMD Secure Processor affected versions not specified Description: The issue is related to a failure to validate the integer operand in the ASP bootloader, which may allow an attacker to introduce an integer overflow in the L2 directory table ...
CVE-2021-42324
An issue was discovered on DCN Digital China Networks S4600-10P-SI devices before R0241.0470. Due to improper parameter validation in the console interface, it is possible for a low-privileged authenticated attacker to escape the sandbox environment and execute system commands as root via shell...
Intel NUC 访问控制错误漏洞
The Intel NUC is a small minicomputer from Intel USA. An Access Control Error vulnerability exists in the Intel NUC 11 Gen Intel Serial IO driver, which stems from a default privilege management error in the product's installer. An attacker could use this vulnerability to cause a denial of servic...
Ubiquiti Networks UniFi Cloud Key Access Control Error Vulnerability
Ubiquiti Networks UniFi Cloud Key is a secret key device that supports management of UniFi networks from Ubiquiti Networks USA. An Access Control Error vulnerability exists in the Ubiquiti Networks UniFi Cloud Key gen2 and Cloud Key gen2 Plus using firmware version 1.1.10 and earlier, which can b...
CVE-2020-8157
UniFi Cloud Key firmware = v1.1.10 for Cloud Key gen2 and Cloud Key gen2 Plus contains a vulnerability that allows unrestricted root access through the serial interface UART...
CVE-2020-8157
UniFi Cloud Key firmware = v1.1.10 for Cloud Key gen2 and Cloud Key gen2 Plus contains a vulnerability that allows unrestricted root access through the serial interface UART...
Unspecified Vulnerability in XIAOMI AI speaker MDZ-25-DT
Xiaomi AI speaker MDZ-25-DT is a smart speaker device from Chinese company Xiaomi Technology Xiaomi. A security vulnerability exists in XIAOMI AI speaker MDZ-25-DT version 1.34.36 and 1.40.14. An attacker can exploit this vulnerability by sending a UART interface to obtain a root shell, read the...