2 matches found
Design/Logic Flaw
Secure Elements Class 5 AVR server aka C5 EVM before 2.8.1 allows remote attackers to cause a denial of service via forged "session start" messages that cause AVR to connect to arbitrary hosts...
Secure Elements Class 5 AVR server fails to properly authenticate session start messages
Overview The Secure Elements Class 5 AVR server fails to properly authenticate "session start" messages. This may allow an attacker to cause the server to initiate TCP connections to arbitrary destinations, which can cause a denial of service to both the server and the specified target. Descripti...