332 matches found
PT-2022-3178 · Honeywell +1 · Honeywell Experion Pks Safety Manager +1
Name of the Vulnerable Software and Affected Versions: Honeywell Experion PKS Safety Manager version 5.02 Description: The issue is related to the use of hard-coded credentials in the Honeywell Experion PKS Safety Manager. The affected component is the POLO bootloader. An attacker with access to...
PT-2022-9730 · Amd +1 · Amd Secure Processor +1
Name of the Vulnerable Software and Affected Versions: AMD Secure Processor affected versions not specified Description: The issue is related to a failure to validate the integer operand in the ASP bootloader, which may allow an attacker to introduce an integer overflow in the L2 directory table ...
CVE-2021-42324
An issue was discovered on DCN Digital China Networks S4600-10P-SI devices before R0241.0470. Due to improper parameter validation in the console interface, it is possible for a low-privileged authenticated attacker to escape the sandbox environment and execute system commands as root via shell...
The vulnerability of the NPort IAW5250A-6I/O serial interface converter lies in its information disclosure capabilities, which allow attackers to gain access to confidential information or modify the device’s firmware.
The vulnerability of the NPort IAW5250A-6I/O serial interface converter is related to the disclosure of information. Exploiting this vulnerability can allow a malicious actor to gain access to confidential information or modify the device’s firmware...
Intel NUC 访问控制错误漏洞
The Intel NUC is a small minicomputer from Intel USA. An Access Control Error vulnerability exists in the Intel NUC 11 Gen Intel Serial IO driver, which stems from a default privilege management error in the product's installer. An attacker could use this vulnerability to cause a denial of servic...
The vulnerability of the serial interface converters NPort IA5150A/IA5250A, IA5450A lies in their lack of access control mechanisms. This allows attackers to circumvent existing security restrictions and gain increased privileges.
The vulnerability of the serial interface converters NPort IA5150A/IA5250A, IA5450A is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to bypass existing security restrictions and gain increased privileges...
Ubiquiti Networks UniFi Cloud Key Access Control Error Vulnerability
Ubiquiti Networks UniFi Cloud Key is a secret key device that supports management of UniFi networks from Ubiquiti Networks USA. An Access Control Error vulnerability exists in the Ubiquiti Networks UniFi Cloud Key gen2 and Cloud Key gen2 Plus using firmware version 1.1.10 and earlier, which can b...
CVE-2020-8157
UniFi Cloud Key firmware = v1.1.10 for Cloud Key gen2 and Cloud Key gen2 Plus contains a vulnerability that allows unrestricted root access through the serial interface UART...
CVE-2020-8157
UniFi Cloud Key firmware = v1.1.10 for Cloud Key gen2 and Cloud Key gen2 Plus contains a vulnerability that allows unrestricted root access through the serial interface UART...
Unspecified Vulnerability in XIAOMI AI speaker MDZ-25-DT
Xiaomi AI speaker MDZ-25-DT is a smart speaker device from Chinese company Xiaomi Technology Xiaomi. A security vulnerability exists in XIAOMI AI speaker MDZ-25-DT version 1.34.36 and 1.40.14. An attacker can exploit this vulnerability by sending a UART interface to obtain a root shell, read the...
The vulnerability of Siemens S7-1200 microprogramming software lies in the presence of unsafe functions during physical connection via the UART interface. This allows attackers to obtain additional diagnostic information during the device loading process.
The vulnerability of Siemens S7-1200 microprogramming software is related to the presence of unsafe functions during physical connection via the UART interface. Exploiting this vulnerability can allow an attacker to obtain additional diagnostic information during the device loading process...
CVE-2019-20348
OKER G232V1 v1.03.02.20161129 devices provide a root terminal on a UART serial interface without proper access control. This allows attackers with physical access to interrupt the boot sequence in order to execute arbitrary commands with root privileges and conduct further attacks...
CVE-2019-20348
OKER G232V1 v1.03.02.20161129 devices provide a root terminal on a UART serial interface without proper access control. This allows attackers with physical access to interrupt the boot sequence in order to execute arbitrary commands with root privileges and conduct further attacks...
CVE-2019-3983
Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary code and commands on the device due to insufficient UART protections...
Siemens SIMATIC S7-1200 CPU Access Vulnerability
Siemens SIMATIC S7-1200 CPU family products are designed for discrete and continuous control in industrial environments such as manufacturing, food and beverage, and chemical industries. A security vulnerability exists in the Siemens SIMATIC S7-1200 CPU. An attacker could exploit this security...
CVE-2019-3950
Arlo Basestation firmware 1.12.0.127940 and prior contain a hardcoded username and password combination that allows root access to the device when an onboard serial interface is connected to...
CVE-2019-3950
Arlo Basestation firmware 1.12.0.127940 and prior contain a hardcoded username and password combination that allows root access to the device when an onboard serial interface is connected to...
CVE-2018-20008
iBall Baton iB-WRB302N20122017 devices have improper access control over the UART interface, allowing physical attackers to discover Wi-Fi credentials plain text and the web-console password base64 via the debugging console...
CVE-2018-20007
Yeelight Smart AI Speaker 3.3.100074 devices have improper access control over the UART interface, allowing physical attackers to obtain a root shell. The attacker can then exfiltrate the audio data, read cleartext Wi-Fi credentials in a log file, or access other sensitive device and user...
Rockwell Automation PointIO Synchronous Serial Interface 1734-SSI/C
Binary data 753830.prm...