6 matches found
CVE-2025-5820
Sony XAV-AX8500 Bluetooth ERTM Channel Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected Sony XAV-AX8500 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2025-5820
Sony XAV-AX8500 Bluetooth ERTM Channel Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected Sony XAV-AX8500 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2025-5820 Sony XAV-AX8500 Bluetooth ERTM Channel Authentication Bypass Vulnerability
Sony XAV-AX8500 Bluetooth ERTM Channel Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected Sony XAV-AX8500 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
This $3,000 Android Trojan Targeting Banks and Cryptocurrency Exchanges
As many as 77 banking institutions, cryptocurrency exchanges, and national organizations have become the target of a newly discovered Android remote access trojan RAT called DroidBot. "DroidBot is a modern RAT that combines hidden VNC and overlay attack techniques with spyware-like capabilities,...
Insecure Certificate Validation
github.com/pion/webrtc is using an insecure certificate validation. A failed DTLS certificate verification does not fail data channel communication during PeerConnection handshake. The attack requires the attacker to have knowledge of the ICE password...
GHSA-74XM-QJ29-CQ8P In github.com/pion/webrtc, failed DTLS certificate verification doesn't stop data channel communication
Impact Data channel communication was incorrectly allowed with users who have failed DTLS certificate verification. This attack requires Attacker knows the ICE password. Only take place during PeerConnection handshake. This attack can be detected by monitoring PeerConnectionState in all versions ...