Lucene search
+L

143 matches found

NVD
NVD
added 2022/04/12 12:15 p.m.17 views

CVE-2022-0878

Electric Vehicle EV commonly utilises the Combined Charging System CCS for DC rapid charging. To exchange important messages such as the State of Charge SoC with the Electric Vehicle Supply Equipment EVSE CCS uses a high-bandwidth IP link provided by the HomePlug Green PHY HPGP power-line...

6.5CVSS0.00486EPSS
Exploits1References1
Prion
Prion
added 2022/04/12 12:15 p.m.16 views

Design/Logic Flaw

Electric Vehicle EV commonly utilises the Combined Charging System CCS for DC rapid charging. To exchange important messages such as the State of Charge SoC with the Electric Vehicle Supply Equipment EVSE CCS uses a high-bandwidth IP link provided by the HomePlug Green PHY HPGP power-line...

3.3CVSS6.5AI score0.00486EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/04/12 12:0 p.m.26 views

CVE-2022-0878 Novel attack against the Combined Charging System (CCS) in electric vehicles to remotely cause a denial of service

Electric Vehicle EV commonly utilises the Combined Charging System CCS for DC rapid charging. To exchange important messages such as the State of Charge SoC with the Electric Vehicle Supply Equipment EVSE CCS uses a high-bandwidth IP link provided by the HomePlug Green PHY HPGP power-line...

4.6CVSS6.7AI score0.00486EPSS
Exploits1References1
CVE
CVE
added 2022/04/12 12:0 p.m.85 views

CVE-2022-0878

The CVE-2022-0878 issue describes a denial-of-service style disruption in CCS-based DC fast charging communications, where an attacker can use electromagnetic interference to wirelessly interrupt the high-bandwidth IP link over HomePlug Green PHY (HPGP) PLC. Exploitation can be performed from a d...

6.5CVSS5.5AI score0.00486EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2022/04/12 12:0 a.m.7 views

Combined Charging System 访问控制错误漏洞

Combined Charging System CCS is a combined charging system. The Combined Charging System CCS for DC suffers from a security vulnerability where an attack could use electromagnetic interference to wirelessly interrupt the necessary control communications between the vehicle and the charger from a...

6.5CVSS6.6AI score0.00486EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/03/07 3:28 p.m.6 views

CVE-2022-26131 ICSA-22-063-01 Improper Protection against Electromagnetic Fault Injection in Trailer Power Line Communications (PLC) J2497

Power Line Communications PLC4TRUCKS J2497 trailer receivers are susceptible to remote RF induced signals...

9.3CVSS9.5AI score0.013EPSS
Exploits0References1
ICS
ICS
added 2022/03/04 12:0 a.m.72 views

Trailer Power Line Communications (PLC) J2497

1. EXECUTIVE SUMMARY CVSS v3 9.3 ATTENTION: Exploitable remotely/low attack complexity Equipment: Power Line Communications PLC: J2497 a.k.a. PLC4TRUCKS Vulnerabilities: Missing Authentication for Critical Function, Improper Protection against Electromagnetic Fault Injection 2. RISK EVALUATION...

9.1CVSS9.8AI score0.01173EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2022/01/03 11:51 a.m.39 views

Detecting Evasive Malware on IoT Devices Using Electromagnetic Emanations

Cybersecurity researchers have proposed a novel approach that harnesses electromagnetic field emanations from the Internet of Things IoT devices as a side-channel to glean precise knowledge about the different kinds of malware targeting the embedded systems, even in scenarios where obfuscation...

0.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/07/13 12:0 a.m.266 views

Amazon Linux AMI : nspr, nss-softokn, nss-util (ALAS-2021-1522)

The version of nspr installed on the remote host is prior to 4.25.0-2.45. The version of nss-softokn installed on the remote host is prior to 3.53.1-6.46. The version of nss-util installed on the remote host is prior to 3.53.1-1.58. It is, therefore, affected by multiple vulnerabilities as...

10CVSS8AI score0.03552EPSS
Exploits1References21
Rosalinux
Rosalinux
added 2021/07/02 5:14 p.m.27 views

Advisory ROSA-SA-2021-1870

Software: libgcrypt 1.5.3 OS: Cobalt 7.9 CVE-ID: CVE-2014-5270 CVE-Crit: CRITICAL CVE-DESC: Libgcrypt before 1.5.4, used in GnuPG and other products, incorrectly performs ciphertext normalization and ciphertext randomization, making it easier for physically proximate attackers to conduct key...

7.5CVSS6.5AI score0.03885EPSS
Exploits1
OpenVAS
OpenVAS
added 2021/06/07 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2021-1931)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.4CVSS6.8AI score0.00337EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/06/03 12:0 a.m.28 views

EulerOS 2.0 SP9 : nss (EulerOS-SA-2021-1952)

According to the version of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly...

4.4CVSS7.3AI score0.00337EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/06/03 12:0 a.m.26 views

EulerOS 2.0 SP9 : nss (EulerOS-SA-2021-1931)

According to the version of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly...

4.4CVSS7.3AI score0.00337EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/04/15 12:0 a.m.43 views

EulerOS Virtualization 2.9.0 : nss (EulerOS-SA-2021-1744)

According to the versions of the nss packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed...

4.7CVSS7.2AI score0.00337EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/04/15 12:0 a.m.50 views

EulerOS Virtualization 2.9.1 : nss (EulerOS-SA-2021-1717)

According to the versions of the nss packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed...

4.7CVSS7.2AI score0.00337EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2021/04/13 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2021-1717)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.7CVSS7AI score0.00337EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/03/04 12:0 a.m.58 views

EulerOS Virtualization for ARM 64 3.0.6.0 : nss-softokn (EulerOS-SA-2021-1536)

According to the versions of the nss-softokn packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS. When using multi-part Chacha20, it could...

10CVSS7.5AI score0.03552EPSS
Exploits1References7
Schneier on Security
Schneier on Security
added 2021/01/12 12:16 p.m.36 views

Cloning Google Titan 2FA keys

This is a clever side-channel attack: The cloning works by using a hot air gun and a scalpel to remove the plastic key casing and expose the NXP A700X chip, which acts as a secure element that stores the cryptographic secrets. Next, an attacker connects the chip to hardware and software that take...

0.3AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/08 4:56 p.m.7 views

New Attack Could Let Hackers Clone Your Google Titan 2FA Security Keys

Hardware security keys—such as those from Google and Yubico—are considered the most secure means to protect accounts from phishing and takeover attacks. But a new research published on Thursday demonstrates how an adversary in possession of such a two-factor authentication 2FA device can clone it...

4.2CVSS6.1AI score0.00196EPSS
Exploits1
The Hacker News
The Hacker News
added 2021/01/08 4:56 p.m.108 views

New Attack Could Let Hackers Clone Your Google Titan 2FA Security Keys

Hardware security keys—such as those from Google and Yubico—are considered the most secure means to protect accounts from phishing and takeover attacks. But a new research published on Thursday demonstrates how an adversary in possession of such a two-factor authentication 2FA device can clone it...

4.2CVSS0.5AI score0.00196EPSS
Exploits1
Rows per page
Query Builder