3 matches found
Siemens SIMATIC S7-1500 Exposure of Resource to Wrong Sphere (CVE-2019-12904)
In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. The C implementation is used on platforms where an assembly-language implementation is unavailable. NOTE: the vendor's position is...
CVE-2023-32613
Exposure of resource to wrong sphere issue exists in WL-WN531AX2 firmware versions prior to 2023526, which may allow a network-adjacent attacker to use functions originally available after login without logging in...
Exposure of Resource to Wrong Sphere
Amendment This was deemed not a vulnerability. Overview Affected versions of this package are vulnerable to Exposure of Resource to Wrong Sphere by loading a binary from an insecure hardcoded S3 bucket URL, which was demonstrated by an ethical hacker to be susceptible to takeover by malicious...