284 matches found
Design/Logic Flaw
A misconfiguration in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker with direct physical access to device hardware to obtain cellular modem information...
Design/Logic Flaw
A misconfiguration in the debug interface in Mercedes-Benz HERMES 1 allows an attacker with direct physical access to device hardware to obtain cellular modem information...
Design/Logic Flaw
A misconfiguration in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker with direct physical access to device hardware to obtain cellular modem information...
Authentication flaw
An authentication bypass in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker with physical access to device hardware to obtain system information...
Authentication flaw
An authentication bypass in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker with physical access to device hardware to obtain system information...
Authentication flaw
An authentication bypass in the debug interface in Mercedes-Benz HERMES 1 allows an attacker with physical access to device hardware to obtain system information...
Mercedes-Benz HERMES misconfiguration vulnerability (CNVD-2021-17721)
Mercedes-Benz HERMES is a telematics control unit equipped in Mercedes-Benz connected vehicles. A misconfiguration vulnerability exists in the debug interface in Mercedes-Benz HERMES 1. An attacker with direct physical access to the device hardware could exploit the vulnerability to obtain cellul...
CVE-2019-19557
A misconfiguration in the debug interface in Mercedes-Benz HERMES 1 allows an attacker with direct physical access to device hardware to obtain cellular modem information...
CVE-2019-19557
CVE-2019-19557 describes a misconfiguration in the debug interface of the Mercedes‑Benz HERMES 1 Telematics Control Unit. An attacker with direct physical access to the device could extract cellular‑modem information due to this misconfiguration. Documented in multiple sources (NVD entry, Red Hat...
CVE-2019-19563
A misconfiguration in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker with direct physical access to device hardware to obtain cellular modem information...
CVE-2019-19560
Mercedes‑Benz HERMES 1.5 contains an authentication bypass in the debug interface of the HERMES TCU. A physical attacker with access to device hardware can obtain system information. The CVE-2019-19560 entry is supported by multiple sources (RH, NVD, CVE records) and is linked to the HERMES compo...
CVE-2019-19556
An authentication bypass in the debug interface in Mercedes-Benz HERMES 1 allows an attacker with physical access to device hardware to obtain system information...
CVE-2019-19562
An authentication bypass in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker with physical access to device hardware to obtain system information...
CVE-2019-19562
The CVE-2019-19562 entry concerns a Mercedes-Benz HERMES 2.1 Telematics Control Unit where a vulnerability in the debug interface enables an authentication bypass . An attacker with physical access to the device hardware could obtain system information. Connected documents reiterate the same desc...
Gigadevice GD32VF103 Firmware Extraction Vulnerability
The Gigadevice GD32VF103 is a Mega Easy microcontroller device. The Gigadevice GD32VF103 Flash Readout Protection suffers from a firmware extraction vulnerability that can be exploited by a physically capable access attacker to submit a special request to obtain firmware from the debug interface...
CVE-2020-13467
The flash memory readout protection in China Key Systems & Integrated Circuit CKS32F103 devices allows physical attackers to extract firmware via the debug interface and exception handling...
CVE-2020-13469
The flash memory readout protection in Gigadevice GD32VF103 devices allows physical attackers to extract firmware via the debug interface by utilizing the CPU...
CVE-2020-13463
The flash memory readout protection in Apex Microelectronics APM32F103 devices allows physical attackers to extract firmware via the debug interface and exception handling...
CVE-2020-13465
The security protection in Gigadevice GD32F103 devices allows physical attackers to redirect the control flow and execute arbitrary code via the debug interface...
CVE-2020-13464
The flash memory readout protection in China Key Systems & Integrated Circuit CKS32F103 devices allows physical attackers to extract firmware via the debug interface by utilizing the CPU or DMA module...