6175 matches found
UBUNTU-CVE-2019-19068
A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6...
Denial of Service Vulnerability in C2000-B2-SFE0101-BB1 Serial Port Server
The C2000-B2-SIE0101-BB1 is an industrial-grade serial device networking server. A denial of service vulnerability exists in the C2000-B2-SFE0101-BB1 serial server that can be exploited by an attacker to cause the server to deny service...
ZyXEL GS1900 Input Validation Error Vulnerability
ZyXEL GS1900 is a managed switch from ZyXEL Taiwan, China. A security vulnerability exists in the Zyxel GS1900 using firmware prior to version 2.50AAHH.0C0. The vulnerability can be exploited by an attacker to access the password recovery menu via the serial console...
CVE-2019-15804
An issue was discovered on Zyxel GS1900 devices with firmware before 2.50AAHH.0C0. By sending a signal to the CLI process, undocumented functionality is triggered. Specifically, a menu can be triggered by sending the SIGQUIT signal to the CLI application (e.g., through CTRL+\ via SSH). The access...
Siemens SIMATIC S7-1200 CPU Access Vulnerability
Siemens SIMATIC S7-1200 CPU family products are designed for discrete and continuous control in industrial environments such as manufacturing, food and beverage, and chemical industries. A security vulnerability exists in the Siemens SIMATIC S7-1200 CPU. An attacker could exploit this security...
Denial of Service Vulnerability in ZLAN5102 and ZLAN5103 NICs
ZLAN5102 serial server is a protocol converter between RS232/485 and TCP/IP developed by Shanghai Zoran Information Technology Co. This serial server can easily connect serial devices to Ethernet and Internet, and realize the network upgrade of serial devices. ZLAN5103 is a new generation of...
kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS
A flaw was discovered in the Linux kernel's USB subsystem in the __usb_get_extra_descriptor() function in drivers/usb/core/usb.c, which mishandles a size check during the reading of extra descriptor data. By using a specially crafted USB device which sends a forged extra descriptor, an unprivilege...
PT-2019-4093 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.3.11 Description: The issue is related to a memory leak in the gs_can_open function, located in the drivers/net/can/usb/gs_usb.c file of the Linux kernel. This leak can be exploited by a remote attacker to cau...
PT-2019-13635 · Coinkite · Coldcard Mk1 +1
Name of the Vulnerable Software and Affected Versions: Coldcard MK1 and MK2 devices affected versions not specified Description: A side channel vulnerability was found in the row-based OLED display of Coldcard devices. The power consumption of each display cycle depends on the number of illuminat...
PT-2019-13870 · Mitsubishi · Me-Rtu
Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric Europe B.V. ME-RTU devices versions 2.02 and earlier INEA ME-RTU devices versions 3.0 and earlier Description: An issue allows an attacker to inject malicious code directly into the application through stored cross-site...
USN-4163-2: Linux kernel (Xenial HWE) vulnerabilities
USN-4163-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. It was discovered that a race condition existed in the ARC EMAC ethernet driver for th...
IoT-Implant-Toolkit - Toolkit For Implant Attack Of IoT Devices
IoT-Implant-Toolkit is a framework of useful tools for malware implantation research of IoT devices. It is a toolkit consisting of essential software tools for firmware modification, serial port debugging, software analysis and stable spy clients. With an easy-to-use and extensible shell-like...
Protect
Multiple information exposure vulnerabilities in FortiOS may allow an unauthenticated attacker to perform some information gathering via parsing the HTTP headers, web portal certificate, and error messages. The exposed information includes the FortiGate's model, serial number and internal IP...
The vulnerability of the OpenJDK project for the Java programming language stems from inadequate access control mechanisms, allowing attackers to trigger a service failure.
The vulnerability of the OpenJDK project for the Java programming language is related to insufficient testing of serial streams before exception deserialization. Exploiting this vulnerability could allow a malicious actor to cause service failures...
LOWKEY: Hunting for the Missing Volume Serial ID
In August 2019, FireEye released the “Double Dragon” report on our newest graduated threat group: APT41. A China-nexus dual espionage and financially-focused group, APT41 targets industries such as gaming, healthcare, high-tech, higher education, telecommunications, and travel services. This blog...
Unmasking mystery boxes on ship’s bridges
We pen test a variety of vessel and platform types across different fleets and operators. In every single test to date we have unearthed a system or device that, of the few crew that were aware, no-one could tell us what it was for. In other scenarios an undocumented system or device would be...
Unbreakable Enterprise kernel security update
4.14.35-1902.6.6 - RDMA/restrack: Protect from reentry to resource return path Leon Romanovsky Orabug: 30388717 4.14.35-1902.6.5 - hv_netvsc: fix vf serial matching with pci slot info Haiyang Zhang Orabug: 30373111 - rds: Use correct conn when dropping connections due to cancel Hakon Bugge Orabug:...
Operational Technology Networks or OT
Operational Technology Networks or OT Notes: It’s mixing up OT with maritime, so probably isn’t suitable as is. The first section is really good, very relevant. We can use all of that. Once we get into NMEA data, then it goes off topic. I suggest: Network equipment such as the Scalance Then a...
USN-4147-1 linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
It was discovered that the Intel Wi-Fi device driver in the Linux kernel did not properly validate certain Tunneled Direct Link Setup (TDLS). A physically proximate attacker could use this to cause a denial of service (Wi-Fi disconnect). (CVE-2019-0136) It was discovered that the Bluetooth UART...