39 matches found
CVE-2025-61081
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
PT-2026-41983
Name of the Vulnerable Software and Affected Versions: BYD Atto3 (affected versions not specified). Description: An attacker can obtain a permanently available authentication key through a Brute Force attack. This key allows unauthorized flashing of the Electronic Parking Brake EPB and Supplemental...
CVE-2025-61081
CVE-2025-61081 entry is rejected and not used.
CVE-2025-61081
DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
CVE-2025-61081
...
CVE-2025-61081
In BYD Atto3, an attacker can obtain an authentication key through Brute Force attack, which is permanently available. The authentication key enables flash to the Electronic Parking Brake EPB and Supplemental Restoration System SRS related ECUs...
EUVD-2025-209899
In BYD Atto3, an attacker can obtain an authentication key through Brute Force attack, which is permanently available. The authentication key enables flash to the Electronic Parking Brake EPB and Supplemental Restoration System SRS related ECUs...
ID withdrawn
BYD Atto3 is a pure electric compact SUV produced by BYD Corporation of China. The BYD Atto3 has a security vulnerability. This vulnerability allows attackers to obtain permanently valid authentication keys through brute-force attacks, enabling them to perform flash memory operations on the ECUs...
A Real-Time Approach to Autonomous CAN Bus Reverse Engineering
This paper introduces a real-time method for reverse engineering a vehicle's CAN bus without prior knowledge of the vehicle or its CAN system. By comparing inertial measurement and CAN data during significant vehicle events, the method accurately identified the CAN channels associated with the...
CVE-2025-1727
The protocol used for remote linking over RF for End-of-Train and Head-of-Train also known as a FRED relies on a BCH checksum for packet creation. It is possible to create these EoT and HoT packets with a software defined radio and issue brake control commands to the EoT device, disrupting...
EUVD-2020-2723
Malware in sbrugna...
EUVD-2025-21087
Malicious code in bioql PyPI...
EUVD-2022-30505
Malicious code in bioql PyPI...
Malicious code in test-mlw2-coyly-brake-cutis-mouse (npm)
The package test-mlw2-coyly-brake-cutis-mouse was found to contain malicious code...
CVE-2025-1727
The protocol used for remote linking over RF for End-of-Train and Head-of-Train also known as a FRED relies on a BCH checksum for packet creation. It is possible to create these EoT and HoT packets with a software defined radio and issue brake control commands to the EoT device, disrupting...
CVE-2025-1727
CVE-2025-1727 describes a weakness in the End-of-Train/Head-of-Train (EoT/HoT) remote linking protocol that relies on a BCH checksum. The Red Hat entry and other sources mirror the NVD description: an attacker with appropriate access could craft EoT/HoT packets (via software‑defined radio) and is...
CVE-2025-1727 End-of-Train and Head-of-Train Remote Linking Protocol Weak Authentication
The protocol used for remote linking over RF for End-of-Train and Head-of-Train also known as a FRED relies on a BCH checksum for packet creation. It is possible to create these EoT and HoT packets with a software defined radio and issue brake control commands to the EoT device, disrupting...
CVE-2025-1727 End-of-Train and Head-of-Train Remote Linking Protocol Weak Authentication
The protocol used for remote linking over RF for End-of-Train and Head-of-Train also known as a FRED relies on a BCH checksum for packet creation. It is possible to create these EoT and HoT packets with a software defined radio and issue brake control commands to the EoT device, disrupting...
PT-2025-29125
Name of the Vulnerable Software and Affected Versions: End-of-Train EoT and Head-of-Train HoT devices (affected versions not specified). Description: A critical vulnerability exists in the remote linking protocol used for End-of-Train EoT and Head-of-Train HoT devices, which rely on a BCH checksum for...
AAR End-of-Train and Head-of-Train remote linking protocol security vulnerability
The AAR End-of-Train and Head-of-Train remote linking protocol is a train control protocol from AAR Corporation. A security vulnerability exists in the AAR End-of-Train and Head-of-Train remote linking protocol that stems from the remote linking protocol's reliance on BCH checksums, which could...