132 matches found
CVE-2021-26387
Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity...
CVE-2021-46746
CVE-2021-46746 : The AMD ASP/TEE stack protection gap allows a privileged attacker with access to AMD signing keys to corrupt the return address via a stack-based buffer overrun, potentially causing a denial of service. This aligns with AMD’s CVE entry (base score 5.2, local access, high attack c...
CVE-2021-26387
CVE-2021-26387 describes insufficient access controls in the AMD ASP kernel that could allow a privileged attacker with access to AMD signing keys and BIOS/UEFI shell to map DRAM regions into protected areas, risking platform integrity. Public documents indicate this CVE is tracked within AMD sec...
CVE-2021-26387
Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity...
CVE-2021-26387
Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity...
Withdrawn: JJWT improperly generates signing keys
Withdrawn Advisory This advisory has been withdrawn because it has been found to be disputed. Please see the issue here for more information. Original Description JJWT aka Java JWT through 0.12.5 ignores certain characters and thus a user might falsely conclude that they have a strong key. The...
OpenJDK: logging of digital signature private keys (8316976)
Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks o...
BIT-GRADLE-2021-41588
In Gradle Enterprise before 2021.1.3, a crafted request can trigger deserialization of arbitrary unsafe Java objects. The attacker must have the encryption and signing keys...
OpenJDK: logging of digital signature private keys (8316976)
Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks o...
OpenJDK: logging of digital signature private keys (8316976)
Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks o...
OpenJDK: logging of digital signature private keys (8316976)
Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks o...
[SECURITY] Fedora 38 Update: keyring-ima-signer-0.1.0-11.fc38
The IMA Integrity Measurement Architecture is a key component of the Linux integrity subsystem designed to ensure integrity, authenticity, and confidentiality of systems including hardware root of trusts TPM. This tool allows signing of files in userspace, inclusding options of including the...
[SECURITY] Fedora 39 Update: keyring-ima-signer-0.1.0-11.fc39
The IMA Integrity Measurement Architecture is a key component of the Linux integrity subsystem designed to ensure integrity, authenticity, and confidentiality of systems including hardware root of trusts TPM. This tool allows signing of files in userspace, inclusding options of including the...
Firmware and Intel Boot Guard keys leaked in ransomware attack on MSI
In late March, hardware manufacturer MSI was hit by a ransomware attack. As a result of this ransomware attack, private keys were according to security firm Binarly, private keys were leaked that are used to digitally sign firmware for motherboards. Also compromised were private keys used by Inte...
MSI Data Breach: Private Code Signing Keys Leaked on the Dark Web
The threat actors behind the ransomware attack on Taiwanese PC maker MSI last month have leaked the company's private code signing keys on their dark website. "Confirmed, Intel OEM private key leaked, causing an impact on the entire ecosystem," Alex Matrosov, founder and CEO of firmware security...
MSI Data Breach: Private Code Signing Keys Leaked on the Dark Web
The threat actors behind the ransomware attack on Taiwanese PC maker MSI last month have leaked the company's private code signing keys on their dark website. "Confirmed, Intel OEM private key leaked, causing an impact on the entire ecosystem," Alex Matrosov, founder and CEO of firmware security...
Sh4D0Wup - Signing-key Abuse And Update Exploitation Framework
Signing-key abuse and update exploitation framework. % docker run -it --rm ghcr.io/kpcyrd/sh4d0wup:edge -h Usage: sh4d0wup OPTIONS Commands: bait Start a malicious update server front Bind a http/https server but forward everything unmodified infect High level tampering, inject additional command...
CVE-2022-3927
The affected products store both public and private key that are used to sign and protect Custom Parameter Set CPS file from modification. An attacker that manages to exploit this vulnerability will be able to change the CPS file, sign it so that it is trusted as the legitimate CPS file. This iss...
Hitachi FOXMAN-UN 信任管理问题漏洞
Hitachi FOXMAN-UN is a powerful toolset for a comprehensive NMS suite from Hitachi, Japan. A security vulnerability exists in Hitachi FOXMAN-UN, which stems from the fact that it contains public and private keys used to sign and protect Custom Parameter Sets CPS files from modification, allowing ...
Leaked Signing Keys Are Being Used to Sign Malware
A bunch of Android OEM signing keys have been leaked or stolen, and they are actively being used to sign malware. Łukasz Siewierski, a member of Googles Android Security Team, has a post on the Android Partner Vulnerability Initiative AVPI issue tracker detailing leaked platform certificate keys...