41 matches found
CVE-2023-43885
Missing error handling in the HTTP server component of Tenda RX9 Pro Firmware V22.03.02.20 allows authenticated attackers to arbitrarily lock the device...
Design/Logic Flaw
Missing error handling in the HTTP server component of Tenda RX9 Pro Firmware V22.03.02.20 allows authenticated attackers to arbitrarily lock the device...
CVE-2023-41997
This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data...
Cybersecurity and privacy tips you can teach your 5+-year-old
Everything we teach our kids starts at home--we parents are their first teachers, after all. So, why wait for them to start going to school to start learning about cybersecurity and online privacy? Though it's hardly news that more and more children are being introduced to mobile computing device...
CVE-2022-28790
CVE-2022-28790 relates to the Link to Windows Service prior to version 2.3.04.1, where improper authentication can allow an attacker to lock the device. The available documents state the patch fixes this by adding proper caller signature check logic. No exploitation details are provided in the so...
CVE-2022-28790
Improper authentication in Link to Windows Service prior to version 2.3.04.1 allows attacker to lock the device. The patch adds proper caller signature check logic...
Qualcomm RFA Security Vulnerability
Qualcomm RFA is a Qualcomm Incorporated USA support component used in chips. A security vulnerability exists in Qualcomm RFA due to improper authentication of SPC code settings and device locking...
Symantec Norton App Lock Access Gain Vulnerability
Symantec Norton App Lock is a suite of applications from Symantec USA that provide security features for mobile devices. A security vulnerability exists in Symantec Norton App Lock. An attacker could exploit the vulnerability to gain access to a device by bypassing the application and preventing...
Motorola Bootloader - Kernel Cmdline Injection Secure Boot and Device Locking Bypass Exploit
Exploit for Android platform in category local exploits Sources: https://alephsecurity.com/2017/08/30/untethered-initroot/ https://github.com/alephsecurity/initroot initroot: Motorola Bootloader Kernel Cmdline Injection Secure Boot & Device Locking Bypass CVE-2016-10277 By Roee Hay / Aleph...
Motorola Bootloader - Kernel Cmdline Injection Secure Boot and Device Locking Bypass
Sources: https://alephsecurity.com/2017/08/30/untethered-initroot/ https://github.com/alephsecurity/initroot initroot: Motorola Bootloader Kernel Cmdline Injection Secure Boot & Device Locking Bypass CVE-2016-10277 By Roee Hay / Aleph Research, HCL Technologies Recap of the Vulnerability and the...
NotNow - Explanation and Cause
There are certain times when the device is not able to do what the server requests. For example, databases cannot be modified while the device is locked with Data Protection. When a device cannot perform a command due to situations like this, it will send the NotNow status without performing the...
CVE-2013-5635
Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not properly maintain the state of password failures, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by entering password guesses within multiple Unlock.e...
CVE-2013-5636
Unlock.exe in Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not associate password failures with a device ID, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by overwriting DVREM.EPM with a copy of...
Design/Logic Flaw
Unlock.exe in Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not associate password failures with a device ID, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by overwriting DVREM.EPM with a copy of...
Design/Logic Flaw
Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not properly maintain the state of password failures, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by entering password guesses within multiple Unlock.e...
CVE-2013-5635
Affected software : Media Encryption EPM Explorer in Check Point Endpoint Security (through E80.50). Issue : a weakness in how password failure state is maintained, enabling bypass of the device-lock protection by running multiple Unlock.exe processes concurrently. Impact : local, physically prox...
CVE-2013-5636
The CVE-2013-5636 issue affects Check Point Endpoint Security (E80.50) with Media Encryption EPM Explorer’s Unlock.exe. The root cause is that password failure events are not associated with a device ID, enabling physically proximate attackers to bypass device-lock protection by overwriting DVREM...
CVE-2013-5635
Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not properly maintain the state of password failures, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by entering password guesses within multiple Unlock.e...
Memory corruption
Recovery Mode in Apple iPhone OS 1.0 through 3.1.2, and iPhone OS for iPod touch 1.1 through 3.1.2, allows physically proximate attackers to bypass device locking, and read or modify arbitrary data, via a USB control message that triggers memory corruption...
CVE-2010-0038
Recovery Mode in Apple iPhone OS 1.0 through 3.1.2, and iPhone OS for iPod touch 1.1 through 3.1.2, allows physically proximate attackers to bypass device locking, and read or modify arbitrary data, via a USB control message that triggers memory corruption...