245 matches found
Improper access control
TeleAdapt RoomCast TA-2400 1.0 through 3.1 is vulnerable to Improper Access Control; specifically, Android Debug Bridge adb is available...
PT-2023-24470 · Teleadapt · Teleadapt Roomcast Ta-2400
Name of the Vulnerable Software and Affected Versions: TeleAdapt RoomCast TA-2400 versions 1.0 through 3.1 Description: The issue concerns Improper Privilege Management. After establishing an adb connection, accessing the shell and entering the su command provides root access without requiring a...
CVE-2023-33743
TeleAdapt RoomCast TA-2400 1.0 through 3.1 is vulnerable to Improper Access Control; specifically, Android Debug Bridge adb is available...
TeleAdapt RoomCast TA-2400 安全漏洞
The TeleAdapt RoomCast TA-2400 is an all-in-one, self-contained, top-of-the-line content streaming box for guest rooms from TeleAdapt UK. The TeleAdapt RoomCast TA-2400 suffers from an elevation of privilege vulnerability that is caused by improper access control of the Android Debug Bridge ADB. ...
TeleAdapt RoomCast TA-2400 安全漏洞
The TeleAdapt RoomCast TA-2400 is an all-in-one, self-contained, top-of-the-line content streaming box for guest rooms from TeleAdapt UK. The TeleAdapt RoomCast TA-2400 suffers from an elevation of privilege vulnerability, which is caused by improper privilege management in the Android Debug Brid...
CVE-2023-33743
TeleAdapt RoomCast TA-2400 1.0 through 3.1 is vulnerable to Improper Access Control; specifically, Android Debug Bridge adb is available...
CVE-2023-33743
The CVE-2023-33743 entry concerns TeleAdapt RoomCast TA-2400 (versions 1.0–3.1) with an improper access control flaw due to Android Debug Bridge (adb) being available. Public sources in the dataset describe an elevation of privilege risk and root-level access implications stemming from adb exposu...
CVE-2023-23578
Improper access control vulnerability in SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier allows a remote unauthenticated attacker to connect to the product's ADB port...
PT-2023-8236 · Google · Google Chrome
Name of the Vulnerable Software and Affected Versions: Google Chrome on ChromeOS versions prior to 114.0.5735.90 Description: The issue is related to insufficient policy enforcement in the Android Debug Bridge ADB component of Google Chrome on ChromeOS. This allows a local attacker with physical...
SUSE CVE-2014-1909
Integer signedness error in system/core/adb/adbclient.c in Android Debug Bridge ADB for Android 4.4 in the Android SDK Platform Tools 18.0.1 allows ADB servers to execute arbitrary code via a negative length value, which bypasses a signed comparison and triggers a stack-based buffer overflow...
Analyzing and remediating a malware infested T95 TV box from Amazon
A couple of weeks ago, security news outlets made their rounds reporting on an Android TV box available on Amazon that came pre-installed with malware. The findings came from a Canadian developer, Daniel Milisic, who posted on his GitHub. What Daniel found was an Android T95 TV box infected with...
CVE-2022-26581
PAX A930 device with PayDroid7.1.1VirgoV04.3.26T120210419 can allow an unauthorized attacker to perform privileged actions through the execution of specific binaries listed in ADB daemon. The attacker must have physical USB access to the device in order to exploit this vulnerability...
PT-2022-17939 · Pax · Pax A930 +1
Name of the Vulnerable Software and Affected Versions: PAX A930 device with PayDroid versions 7.1.1 Virgo V04.3.26T1 20210419 through 7.1.1 Virgo V04.4.02 20211201 Description: The issue allows the execution of specific command injections on selected binaries in the ADB daemon shell service. An...
PAX Technology A930 安全漏洞
PAX Technology A930 is an Android mobile payment terminal from PAX Technology, a Chinese company. A security vulnerability exists in the PAX Technology A930 PayDroid7.1.1VirgoV04.3.26T120210419 version, which stems from an ADB daemon that allows the execution of the systool utility in production...
[SECURITY] Fedora 37 Update: android-tools-33.0.3p1-1.fc37
The Android Debug Bridge ADB is used to: - keep track of all Android devices and emulators instances connected to or running on a given host developer machine - implement various control commands e.g. "adb shell", "adb pull", etc. for the benefit of clients command-line users, or helper programs...
[SECURITY] Fedora 35 Update: android-tools-33.0.3p1-2.fc35
The Android Debug Bridge ADB is used to: - keep track of all Android devices and emulators instances connected to or running on a given host developer machine - implement various control commands e.g. "adb shell", "adb pull", etc. for the benefit of clients command-line users, or helper programs...
[SECURITY] Fedora 36 Update: android-tools-33.0.3p1-1.fc36
The Android Debug Bridge ADB is used to: - keep track of all Android devices and emulators instances connected to or running on a given host developer machine - implement various control commands e.g. "adb shell", "adb pull", etc. for the benefit of clients command-line users, or helper programs...
Fedora: Security Advisory for android-tools (FEDORA-2022-3e1ade35db)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 35 Update: android-tools-31.0.2-2.fc35
The Android Debug Bridge ADB is used to: - keep track of all Android devices and emulators instances connected to or running on a given host developer machine - implement various control commands e.g. "adb shell", "adb pull", etc. for the benefit of clients command-line users, or helper programs...
EnemyBot Malware Targets Web Servers, CMS Tools and Android OS
A rapidly evolving IoT malware dubbed “EnemyBot” is targeting content management systems CMS, web servers and Android devices. Threat actor group “Keksec” is believed behind the distribution of the malware, according to researchers. “Services such as VMware Workspace ONE, Adobe ColdFusion,...