Lucene search
+L

71 matches found

Vulnrichment
Vulnrichment
added 2024/08/13 12:30 p.m.34 views

CVE-2024-3913 Phoenix Contact: Start sequence allows attack during the boot process

An unauthenticated remote attacker can use this vulnerability to change the device configuration due to a file writeable for short time after system startup...

5.9CVSS7.1AI score0.00507EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/13 12:30 p.m.43 views

CVE-2024-3913 Phoenix Contact: Start sequence allows attack during the boot process

An unauthenticated remote attacker can use this vulnerability to change the device configuration due to a file writeable for short time after system startup...

5.9CVSS0.00507EPSS
Exploits0References1
CVE
CVE
added 2024/08/13 12:30 p.m.66 views

CVE-2024-3913

CVE-2024-3913 affects Phoenix Contact CHARX SEC-3100. An unauthenticated remote attacker can change device configuration via a file that is writable for a short window after system startup. Public details identify the product and the timing window; no fix/version is provided in the connected sour...

5.9CVSS7.6AI score0.00507EPSS
Exploits0References1Affected Software1
Citrix
Citrix
added 2024/07/13 12:0 a.m.9 views

Provisioning Services Boot Process Diagram

...

7.2AI score
Exploits0
CNVD
CNVD
added 2022/09/30 12:0 a.m.29 views

Cisco Catalyst 9200 Series Switch Data Forgery Issue Vulnerability

Cisco Catalyst 9200 Series Switches is a switch from Cisco, U.S. A data forgery vulnerability exists in the software image validation feature of Cisco Catalyst 9200 Series Switches, which could be exploited by an attacker to execute unsigned code at system startup...

2.4AI score0.00203EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/09/16 6:15 p.m.4 views

CVE-2022-39000

The iAware module has a vulnerability in managing malicious apps.Successful exploitation of this vulnerability will cause malicious apps to automatically start upon system startup...

9.8CVSS7.4AI score0.00551EPSS
Exploits0References3Affected Software3
NVD
NVD
added 2022/09/16 6:15 p.m.36 views

CVE-2022-39000

The iAware module has a vulnerability in managing malicious apps.Successful exploitation of this vulnerability will cause malicious apps to automatically start upon system startup...

9.8CVSS0.00551EPSS
Exploits0References2
OSV
OSV
added 2022/09/16 6:15 p.m.5 views

CVE-2022-39000

The iAware module has a vulnerability in managing malicious apps.Successful exploitation of this vulnerability will cause malicious apps to automatically start upon system startup...

9.8CVSS5.8AI score0.00551EPSS
Exploits0References2
CVE
CVE
added 2022/09/16 5:55 p.m.63 views

CVE-2022-39000

CVE-2022-39000 affects Huawei HarmonyOS iAware module. The vulnerability allows malicious apps to automatically start at system startup, with a CVSS v3.1 base score of 9.8 (Network attack, Low complexity, No privileges or user interaction required; impacts Confidentiality, Integrity, Availability...

9.8CVSS9.3AI score0.00551EPSS
Exploits0References2Affected Software3
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.20 views

Ubuntu: Security Advisory (USN-81-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.0189EPSS
Exploits0References2
Prion
Prion
added 2022/08/05 10:15 p.m.20 views

Hardcoded credentials

A hard-coded password vulnerability exists in the libcommonprod.so prodchangerootpasswd functionality of TCL LinkHub Mesh Wi-Fi MS1G0001.0014. During system startup this functionality is always called, leading to a known root password. An attacker does not have to do anything to trigger this...

7.5CVSS9.4AI score0.00828EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/08/05 9:11 p.m.43 views

CVE-2022-22144

A hard-coded password vulnerability exists in the libcommonprod.so prodchangerootpasswd functionality of TCL LinkHub Mesh Wi-Fi MS1G0001.0014. During system startup this functionality is always called, leading to a known root password. An attacker does not have to do anything to trigger this...

7.5CVSS9.7AI score0.00828EPSS
Exploits1References1
Talos
Talos
added 2022/08/01 12:0 a.m.40 views

TCL LinkHub Mesh Wifi libcommonprod.so prod_change_root_passwd hard-coded password vulnerability

Talos Vulnerability Report TALOS-2022-1459 TCL LinkHub Mesh Wifi libcommonprod.so prodchangerootpasswd hard-coded password vulnerability August 1, 2022 CVE Number CVE-2022-22144 SUMMARY A hard-coded password vulnerability exists in the libcommonprod.so prodchangerootpasswd functionality of TCL...

9.8CVSS8.8AI score0.00828EPSS
Exploits1
Prion
Prion
added 2022/05/13 2:15 p.m.32 views

Improper access control

A vulnerability in Mitel 6900 Series IP MiNet phones excluding 6970, versions 1.8 1.8.0.12 and earlier, could allow a unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploi...

7.2CVSS6.9AI score0.00641EPSS
Exploits3References5Affected Software1
CNVD
CNVD
added 2021/11/11 12:0 a.m.35 views

Siemens Nucleus ReadyStart Type Obfuscation Vulnerability

Siemens Nucleus ReadyStart is a bundled solution from Siemens, Germany. It is used to accelerate the fast startup of complete systems and provides a rich set of board support packages Bsp. A security vulnerability exists in Siemens Nucleus ReadyStart, which originates from an ICMP echo packet wit...

6.9CVSS5.4AI score0.01409EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/11/02 12:0 a.m.7 views

The vulnerability of Kaspersky Endpoint Security’s antivirus protection for Windows involves errors during path restriction for restricted access directories. This allows a malicious user to trigger a service failure when loading the operating system.

The vulnerability of Kaspersky Endpoint Security for Windows relates to errors during path limitation for restricted access directories. Exploiting this vulnerability can allow a malicious actor to cause a service failure when the operating system is loaded...

5CVSS6.6AI score0.02518EPSS
Exploits0References4Affected Software1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2019:0137-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.4AI score0.02958EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2019:0135-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.9AI score0.02958EPSS
Exploits4References10
CNVD
CNVD
added 2021/03/25 12:0 a.m.14 views

Cisco IOS XE OS Command Injection Vulnerability

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. An OS command injection vulnerability exists in ROMMON of Cisco IOS XE. The vulnerability stems from incorrect validation of specific function parameters passed to the startup...

7.2CVSS7.3AI score0.00372EPSS
Exploits0References1
NVD
NVD
added 2021/03/24 8:15 p.m.26 views

CVE-2021-1449

A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. The vulnerability is due to an improper check that is performed by the area of code that manages system startup processes. An attacker could exploi...

6.7CVSS0.00265EPSS
Exploits0References1
Rows per page
Query Builder