321 matches found
CVE-2025-48515
Insufficient parameter sanitization in AMD Secure Processor ASP Boot Loader could allow an attacker with access to SPIROM upgrade to overwrite the memory, potentially resulting in arbitrary code execution...
CVE-2026-0715
Moxa Arm-based industrial computers running Moxa Industrial Linux Secure use a device-unique bootloader password provided on the device. An attacker with physical access to the device could use this information to access the bootloader menu via a serial interface. Access to the bootloader menu do...
CVE-2026-0715
Moxa Arm-based industrial computers running Moxa Industrial Linux Secure use a device-unique bootloader password provided on the device. An attacker with physical access to the device could use this information to access the bootloader menu via a serial interface. Access to the bootloader menu...
CVE-2026-0715
CVE-2026-0715 affects Moxa Arm-based industrial computers running Moxa Industrial Linux Secure. A device-unique bootloader password provided on the device can enable an attacker with physical access to reach the bootloader menu via a serial interface. The bootloader still enforces digital signatu...
EUVD-2026-5532
Moxa Arm-based industrial computers running Moxa Industrial Linux Secure use a device-unique bootloader password provided on the device. An attacker with physical access to the device could use this information to access the bootloader menu via a serial interface. Access to the bootloader menu...
CVE-2026-0714
A physical attack vulnerability exists in certain Moxa industrial computers using TPM-backed LUKS full-disk encryption on Moxa Industrial Linux 3, where the discrete TPM is connected to the CPU via an SPI bus. Exploitation requires invasive physical access, including opening the device and...
PT-2026-6599
Name of the Vulnerable Software and Affected Versions Moxa Arm-based industrial computers running Moxa Industrial Linux Secure affected versions not specified Description Moxa Arm-based industrial computers running Moxa Industrial Linux Secure utilize a device-unique bootloader password provided ...
EUVD-2022-55956
An unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus RS485...
Innomic VibroLine Series 访问控制错误漏洞
The Innomic VibroLine Series is a professional vibration measurement and analysis system developed by the German company Innomic. The Innomic VibroLine Series has a security access control vulnerability; this vulnerability arises from unverified neighboring attackers who can potentially switch...
CVE-2026-1407
A security flaw has been discovered in Beetel 777VR1 up to 01.00.09/01.00.0955. This affects an unknown part of the component UART Interface. Performing a manipulation results in information disclosure. The attack may be carried out on the physical device. The attack is considered to have high...
CVE-2026-1409
A security vulnerability has been detected in Beetel 777VR1 up to 01.00.09/01.00.0955. This issue affects some unknown processing of the component UART Interface. The manipulation leads to improper restriction of excessive authentication attempts. It is possible to launch the attack on the physic...
CVE-2025-59109
The dormakaba registration units 9002 PIN Pad Units have an exposed UART header on the backside. The PIN pad is sending every button press to the UART interface. An attacker can use the interface to exfiltrate PINs. As the devices are explicitly built as Plug-and-Play to be easily replaced, an...
EUVD-2025-206377
The dormakaba registration units 9002 PIN Pad Units have an exposed UART header on the backside. The PIN pad is sending every button press to the UART interface. An attacker can use the interface to exfiltrate PINs. As the devices are explicitly built as Plug-and-Play to be easily replaced, an...
CVE-2025-59109 UART Leaking Sensitive Data in dormakaba registration unit 9002
The dormakaba registration units 9002 PIN Pad Units have an exposed UART header on the backside. The PIN pad is sending every button press to the UART interface. An attacker can use the interface to exfiltrate PINs. As the devices are explicitly built as Plug-and-Play to be easily replaced, an...
CVE-2025-59109
The CVE-2025-59109 entry describes the dormakaba reg-istration units 9002 PIN Pad Units with an exposed UART header. The PIN pad reportedly transmits every button press over UART, enabling an attacker with physical access to read PIN data; due to Plug‑and‑Play design, an attacker could remove a d...
CVE-2025-59109 UART Leaking Sensitive Data in dormakaba registration unit 9002
The dormakaba registration units 9002 PIN Pad Units have an exposed UART header on the backside. The PIN pad is sending every button press to the UART interface. An attacker can use the interface to exfiltrate PINs. As the devices are explicitly built as Plug-and-Play to be easily replaced, an...
CVE-2026-1411
A flaw has been found in Beetel 777VR1 up to 01.00.09/01.00.0955. The affected element is an unknown function of the component UART Interface. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The complexity of an attack is rather high...
CVE-2026-1411
A flaw has been found in Beetel 777VR1 up to 01.00.09/01.00.0955. The affected element is an unknown function of the component UART Interface. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The complexity of an attack is rather high...
EUVD-2026-4685
A flaw has been found in Beetel 777VR1 up to 01.00.09/01.00.0955. The affected element is an unknown function of the component UART Interface. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The complexity of an attack is rather high...
CVE-2026-1409
A security vulnerability has been detected in Beetel 777VR1 up to 01.00.09/01.00.0955. This issue affects some unknown processing of the component UART Interface. The manipulation leads to improper restriction of excessive authentication attempts. It is possible to launch the attack on the physic...