6 matches found
EUVD-2024-22081
Malicious code in bioql PyPI...
CVE-2024-24681
An issue was discovered in Yealink Configuration Encrypt Tool AES version and Yealink Configuration Encrypt Tool RSA version before 1.2. There is a single hardcoded key used to encrypt provisioning documents across customers' installations...
CVE-2024-24681
An issue was discovered in Yealink Configuration Encrypt Tool AES version and Yealink Configuration Encrypt Tool RSA version before 1.2. There is a single hardcoded key used to encrypt provisioning documents across customers' installations...
Hardcoded credentials
Insecure AES key in Yealink Configuration Encrypt Tool below verrsion 1.2. A single, vendorwide, hardcoded AES key in the configuration tool used to encrypt provisioning documents was leaked leading to a compromise of confidentiality of provisioning documents...
CVE-2024-24681
An issue was discovered in Yealink Configuration Encrypt Tool AES version and Yealink Configuration Encrypt Tool RSA version before 1.2. There is a single hardcoded key used to encrypt provisioning documents across customers' installations...
CVE-2024-24681
The CVE-2024-24681 entry concerns Yealink Configuration Encrypt Tool: AES version and RSA versions before 1.2 use a single hardcoded AES key to encrypt provisioning documents, shared across customers. This weak key handling is the root cause and can compromise confidentiality of provisioning data...