15 matches found
EUVD-2018-12586
Malware in sbrugna...
EUVD-2019-3312
Malware in sbrugna...
EUVD-2021-6848
Malicious code in bioql PyPI...
CVE-2023-28895
The password for access to the debugging console of the PoWer Controller chip PWC of the MIB3 infotainment is hard-coded in the firmware. The console allows attackers with physical access to the MIB3 unit to gain full control over the PWC chip. Vulnerability found on Škoda Superb III 3V3 - 2.0 TD...
CVE-2023-28895
The password for access to the debugging console of the PoWer Controller chip PWC of the MIB3 infotainment is hard-coded in the firmware. The console allows attackers with physical access to the MIB3 unit to gain full control over the PWC chip. Vulnerability found on Škoda Superb III 3V3 - 2.0 TD...
CVE-2023-28895
The password for access to the debugging console of the PoWer Controller chip PWC of the MIB3 infotainment is hard-coded in the firmware. The console allows attackers with physical access to the MIB3 unit to gain full control over the PWC chip. Vulnerability found on Škoda Superb III 3V3 - 2.0 TD...
CVE-2023-28895
The CVE-2023-28895 entry concerns Škoda MIB3 infotainment’s PoWer Controller (PWC) with a hard-coded password in the firmware. This allows an attacker with physical access to gain full control of the PWC chip on Škoda Superb III (3V3) 2.0 TDI (2022). Connected documents confirm the hardware/softw...
CVE-2021-1381
A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker with high privileges or an unauthenticated attacker with physical access to the device to open a debugging console. The vulnerability is due to insufficient command authorization restrictions. An attacker could...
Design/Logic Flaw
A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker with high privileges or an unauthenticated attacker with physical access to the device to open a debugging console. The vulnerability is due to insufficient command authorization restrictions. An attacker could...
CVE-2021-1381
Cisco IOS XE Software contains a vulnerability due to insufficient command authorization restrictions that could allow an authenticated, high-privilege local attacker or an unauthenticated attacker with physical access to open a debugging console by executing commands on the hardware. The issue e...
CVE-2018-20008
iBall Baton iB-WRB302N20122017 devices have improper access control over the UART interface, allowing physical attackers to discover Wi-Fi credentials plain text and the web-console password base64 via the debugging console...
Improper access control
iBall Baton iB-WRB302N20122017 devices have improper access control over the UART interface, allowing physical attackers to discover Wi-Fi credentials plain text and the web-console password base64 via the debugging console...
CVE-2018-20008
iBall Baton iB-WRB302N20122017 devices have improper access control over the UART interface, allowing physical attackers to discover Wi-Fi credentials plain text and the web-console password base64 via the debugging console...
CVE-2018-20008
CVE-2018-20008 affects iBall Baton iB-WRB302N20122017 devices. The issue is improper access control on the UART interface, allowing a physical attacker with access to the debugging console to retrieve Wi‑Fi credentials (plain text) and the web‑console password (base64). The root cause is limited ...
CVE-2018-20008
iBall Baton iB-WRB302N20122017 devices have improper access control over the UART interface, allowing physical attackers to discover Wi-Fi credentials plain text and the web-console password base64 via the debugging console...