1779 matches found
CVE-2020-26200
A component of Kaspersky custom boot loader allowed loading of untrusted UEFI modules due to insufficient check of their authenticity. This component is incorporated in Kaspersky Rescue Disk KRD and was trusted by the Authentication Agent of Full Disk Encryption in Kaspersky Endpoint Security KES...
DEBIAN-CVE-2021-27097
The boot loader in Das U-Boot before 2021.04-rc2 mishandles a modified FIT...
CVE-2021-27138
The boot loader in Das U-Boot before 2021.04-rc2 mishandles use of unit addresses in a FIT...
Shining a Light on SolarCity: Practical Exploitation of the X2e IoT Device (Part Two)
In this post, we continue our analysis of the SolarCity ConnectPort X2e Zigbee device referred to throughout as X2e device. In Part One, we discussed the X2e at a high level, performed initial network-based attacks, then discussed the hardware techniques used to gain a remote shell on the X2e...
Multiple Cisco Products Data Forgery Issue Vulnerabilities
The Cisco 8000 Series Router and the Cisco Network Convergence System 540 Series Routers are both router devices from Cisco USA. A data forgery issue vulnerability exists in Cisco IOS XR on multiple Cisco routers. The vulnerability is caused due to an unlocked version of the GRUB bootloader on th...
bootloader (>=0.10.0 <=0.10.13), libertyos_kernel (>=0.14.0 <=0.17.5) +1 more potentially affected by CVE-2020-36208 via conquer-once (=0.2.1)
conquer-once CARGO version =0.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on conquer-once and may be impacted: - bootloader =0.10.0, =0.14.0, =0.1.0, =0.2.6 Source cves: CVE-2020-36208 Source advisory: OSV:RUSTSEC-2020-0101...
Vulnerability fixed in Cisco IOS XR
A vulnerability in the Preboot eXecution Environment PXE bootloader for Cisco IOS XR 64-bit software could allow an unauthenticated, remote malicious agent to execute execute unsigned code during the PXE boot process on an affected device. The PXE bootloader is part of the BIOS and is executed...
scap-security-guide bug fix and enhancement update
The scap-security-guide project provides a guide for configuration of the system from the final system's security point of view. The guidance is specified in the Security Content Automation Protocol SCAP format and constitutes a catalog of practical hardening advice, linked to government...
CVE-2019-14715
Verifone Pinpad Payment Terminals allow undocumented physical access to the system via an SBI bootloader memory write operation...
Design/Logic Flaw
Verifone Pinpad Payment Terminals allow undocumented physical access to the system via an SBI bootloader memory write operation...
CVE-2019-14715
CVE-2019-14715 affects Verifone Pinpad Payment Terminals. The root cause is an undocumented physical access path via an SBI bootloader memory write operation, enabling local access that can impact confidentiality, integrity, and availability as reflected by CVSS metrics (CVSSv3.1: AV=Physical, AC...
CVE-2019-14715
Verifone Pinpad Payment Terminals allow undocumented physical access to the system via an SBI bootloader memory write operation...
[SECURITY] Fedora 31 Update: grub2-2.02-110.fc31
The GRand Unified Bootloader GRUB is a highly configurable and customizable bootloader with modular architecture. It supports a rich variety of kernel formats, file systems, computer architectures and hardware devices...
Fedora: Security Advisory for grub2 (FEDORA-2020-e19b87f4f5)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Looking for sophisticated malware in IoT devices
One of the motivations for this post is to encourage other researchers who are interested in this topic to join in, to share ideas and knowledge and to help build more capabilities in order to better protect our smart devices. Research background Smart watches, smart home devices and even smart...
Design/Logic Flaw
AT91bootstrap before 3.9.2 does not properly wipe encryption and authentication keys from memory before passing control to a less privileged software component. This can be exploited to disclose these keys and subsequently encrypt and sign the next boot stage such as the bootloader...
The vulnerability in the implementation of the read_section_as_string() function of the Grub2 operating system allows a attacker to influence data integrity or cause service failures.
The vulnerability of the readsectionasstring function in the Grub2 operating system’s loader is related to the issue of data operations going beyond the buffer boundaries. This is because the maximum length of a UINT32MAX is 1 byte. Exploiting this vulnerability could allow an attacker to influen...
GRUB2 contained integer overflows when handling the initrd command leading to a heap-based buffer overflow.
...
GRUB2: avoid loading unsigned kernels when GRUB is booted directly under secureboot without shim
...
CVE-2020-8710
Buffer overflow in the bootloader for some IntelR Server Boards, Server Systems and Compute Modules before version 2.45 may allow a privileged user to potentially enable escalation of privilege via local access...