26 matches found
CVE-2021-27426
GE UR IED firmware versions prior to version 8.1x with “Basic” security variant does not allow the disabling of the “Factory Mode,” which is used for servicing the IED by a “Factory” user...
CVE-2025-14817
The CVE-2025-14817 entry affects the com.transsion.tranfacmode.entrance.main.MainActivity component in TECNO devices (e.g., Pova6 Pro 5G). The vulnerability arises from missing permission controls, allowing third-party apps to craft intents that directly open adb debugging functionality without u...
CVE-2025-14817 Factory Mode App Exists Privilege Escalation Issue Allowing Third-Party Apps to Open ADB
The component com.transsion.tranfacmode.entrance.main.MainActivity in com.transsion.tranfacmode has no permission control and can be accessed by third-party apps which can construct intents to directly open adb debugging functionality without user interaction...
CVE-2025-14817 Factory Mode App Exists Privilege Escalation Issue Allowing Third-Party Apps to Open ADB
The component com.transsion.tranfacmode.entrance.main.MainActivity in com.transsion.tranfacmode has no permission control and can be accessed by third-party apps which can construct intents to directly open adb debugging functionality without user interaction...
EUVD-2021-14180
Malware in sbrugna...
EUVD-2020-1598
Malware in sbrugna...
GE UR family Insecure Default Variable Initialization (CVE-2021-27426)
GE UR IED firmware versions prior to version 8.1x with Basic security variant does not allow the disabling of the Factory Mode, which is used for servicing the IED by a Factory user. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
CVE-2020-0091
In mnld, an incorrect configuration in drivercfg of mnld for meta factory mode.Product: AndroidVersions: Android SoCAndroid ID: A-149808700...
CVE-2024-44667
Shenzhen Haichangxing Technology Co., Ltd HCX H822 4G LTE Router M7628NNxISPxUIv2v1.0.1557.15.35P0 is vulnerable to Incorrect Access Control. Unauthenticated factory mode reset and command injection leads to information exposure and root shell access...
CVE-2024-44667
CVE-2024-44667 affects Shenzhen Haichangxing HCX H822 4G LTE Router (M7628NNxISPxUIv2_v1.0.1557.15.35_P0). The vulnerability is Incorrect Access Control that allows unauthenticated factory mode reset and command injection, leading to information exposure and potential root shell access. Public so...
InHand Networks InRouter302 console infactory_net command injection vulnerability
Summary An OS command injection vulnerability exists in the console infactorynet functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. Teste...
InHand Networks InRouter302 console infactory_wlan command injection vulnerability
Summary An OS command injection vulnerability exists in the console infactorywlan functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. Test...
CVE-2021-27426
GE UR IED firmware versions prior to version 8.1x with “Basic” security variant does not allow the disabling of the “Factory Mode,” which is used for servicing the IED by a “Factory” user...
CVE-2021-27426
GE UR IED firmware versions prior to version 8.1x with “Basic” security variant does not allow the disabling of the “Factory Mode,” which is used for servicing the IED by a “Factory” user...
Code injection
GE UR IED firmware versions prior to version 8.1x with “Basic” security variant does not allow the disabling of the “Factory Mode,” which is used for servicing the IED by a “Factory” user...
CVE-2021-27426
CVE-2021-27426 affects GE UR family UR IEDs; prior to firmware 8.1x with Basic security, the device does not allow disabling Factory Mode, enabling servicing by factory users. Root cause is an insecure default variable initialization (CWE-453). Impact per sources includes potential bypass of acce...
CVE-2021-27426 GE UR family insecure default variable initialization
GE UR IED firmware versions prior to version 8.1x with “Basic” security variant does not allow the disabling of the “Factory Mode,” which is used for servicing the IED by a “Factory” user...
CVE-2021-27426 GE UR family insecure default variable initialization
GE UR IED firmware versions prior to version 8.1x with “Basic” security variant does not allow the disabling of the “Factory Mode,” which is used for servicing the IED by a “Factory” user...
CVE-2022-23729
When the device is in factory state, it can be access the shell without adb authentication process. The LG ID is LVE-SMP-210010...
GE Grid Solutions UR 安全漏洞
GE Grid Solutions UR is an embedded operating system from GE Grid Solutions, France. It provides high-performance protection, scalable I/O, integrated monitoring and metering, high-speed communications, and extensive programming and configuration capabilities. A security vulnerability exists in G...