62 matches found
FreeBSD-SA-19:07.mds
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-19:07.mds Security Advisory The FreeBSD Project Topic: Microarchitectural Data Sampling MDS Category: core Module: kernel Announced: 2019-05-14 Credits: Refer t...
Some ASUS Updates Drop Backdoors on PCs in 'Operation ShadowHammer'
A supply-chain attack dubbed “Operation ShadowHammer” has been uncovered, targeting users of the ASUS Live Update Utility with a backdoor injection. The China-backed BARIUM APT is suspected to be at the helm of the project. According to Kaspersky Lab, the campaign ran from June to at least Novemb...
Intel NUC FW kits input validation error vulnerability
Intel NUC FW kits is a mini-desktop from Intel Corporation USA.BIOS update utility is one of the BIOS update utilities. An input validation error vulnerability exists in Intel NUC FW kits. An attacker could exploit this vulnerability to cause a denial of service or information disclosure...
CVE-2018-12158
The CVE-2018-12158 issue affects Intel NUC Firmware Kits’ BIOS update utility. Insufficient input validation in the BIOS update executable for kits downloaded before May 24, 2018 could allow a local, privileged user to trigger a denial of service or information disclosure. Affected devices are In...
Gigabyte BRIX Mini PCs are vulnerable to firmware update validation flaws
GIGABYTE is a professional motherboard manufacturer in Taiwan. GB-BSi7H-6500 and GB-BXi7-5775 are GIGABYTE Brix small computers, similar to Intel NUCs. UEFI, or Unified Extensible Firmware Interface, is a standard that describes the type of interface in detail. UEFI, or Unified Extensible Firmwar...
Intel Driver Update Utility 2.x < 2.4 Cleartext Download MitM
The version of the Intel Driver Update Utility installed on the remote host is 2.x prior to 2.4. It is, therefore, affected by a man-in-the-middle vulnerability due to the transmission of driver updates in cleartext. A man-in-the-middle attacker can exploit this to disclose or manipulate data,...
CVE-2016-1493
Intel Driver Update Utility before 2.4 retrieves driver updates in cleartext, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted file...
Code injection
Intel Driver Update Utility before 2.4 retrieves driver updates in cleartext, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted file...
CVE-2016-1493
Intel Driver Update Utility before 2.4 retrieves driver updates in cleartext, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted file...
CVE-2016-1493
Intel Driver Update Utility (IDUU) prior to version 2.4 is affected by a Man-in-the-Middle vulnerability due to cleartext transmission of driver updates, enabling potential data disclosure, integrity corruption, and possibly code execution via crafted updates. Affected product.version: IDUU 2.x b...
Intel Driver Update Utility 2.2.0.5 Man-In-The-Middle
Advisory Information Title: Intel Driver Update Utility MiTM Advisory ID: CORE-2016-0001 Advisory URL: http://www.coresecurity.com/advisories/intel-driver-update-utility-mitm Date published: 2016-01-19 Date of last update: 2016-01-14 Vendors contacted: Intel Release mode: Coordinated release 2...
Potential vulnerability in the Intel® Driver Update Utility
Summary: This update to the Intel® Driver Update Utility mitigates the use of a non-SSL URL. Intel has released a new version of the software that provides mitigation of this issue. Description: Intel® Driver Update Utility analyzes Intel-product drivers on your computer and lets you know if driv...
Code injection
The client in Schneider Electric Software Update SESU Utility 1.0.x and 1.1.x does not ensure that updates have a valid origin, which allows man-in-the-middle attackers to spoof updates, and consequently execute arbitrary code, by modifying the data stream on TCP port 80...
ROS-2-2475
2.2475 Notice of Update for RED OS Operating System RU.29926343.02.01-25 REDO SOFT LLC announces that the testing process for RED OS 8 has been completed, and the certified distribution version of RED OS 8 is now available. If you have questions regarding the purchase of a new installation kit...
ROS-2-2354
2.2354 Notice of Update for RED OS Operating System RU.29926343.02.01-25 REDO SOFT LLC announces that the testing process for RED OS 8 has been completed, and the certified distribution version of RED OS 8 is now available. If you have questions regarding the purchase of a new installation kit...
ROS-2-2555
2.2555 Notice of Update for RED OS Operating System RU.29926343.02.01-25 OOO “RED SOFT” informs you that the testing process for RED OS 8 has been completed, and the certified distribution of RED OS 8 has been released. If you have questions regarding the purchase of a new installation kit...
ROS-2-2380
2.2380 Notice of Update for RED OS Operating System RU.29926343.02.01-25 REDO SOFT LLC announces that the testing process for RED OS 8 has been completed, and the certified distribution version of RED OS 8 is now available. If you have questions regarding the purchase of a new installation kit...
ROS-2-2353
2.2353 Notice of Update for RED OS Operating System RU.29926343.02.01-25 REDO SOFT LLC announces that the testing process for RED OS 8 has been completed, and the certified distribution version of RED OS 8 is now available. If you have questions regarding the purchase of a new installation kit...
ROS-2-2685
2.2685 Notice of Update for RED OS Operating System RU.29926343.02.01-25 REDO SOFT LLC announces that the testing process for RED OS 8 has been completed, and the certified distribution version of RED OS 8 is now available. If you have questions regarding the purchase of a new installation kit...
ROS-2-2489
2.2489 Notice of Update for RED OS Operating System RU.29926343.02.01-25 REDO SOFT LLC announces that the testing process for RED OS 8 has been completed, and the certified distribution version of RED OS 8 is now available. If you have questions regarding the purchase of a new installation kit...