Lucene search
K

9 matches found

Talos Blog
Talos Blog
added 2025/08/20 1:0 p.m.6 views

Russian state-sponsored espionage group Static Tundra compromises unpatched end-of-life network devices

Static Tundra is a Russian state-sponsored cyber espionage group linked to the FSB's Center 16 unit that has been operating for over a decade, specializing in compromising network devices for long-term intelligence gathering operations. The group actively exploits a seven-year-old vulnerability...

10CVSS10AI score0.9951EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/05/23 2:51 a.m.6 views

CVE-2023-0209

NVIDIA DGX-1 SBIOS contains a vulnerability in the Uncore PEI module, where authentication of the code executed by SSA is missing, which may lead to arbitrary code execution, denial of service, escalation of privileges assisted by a firmware implant, information disclosure assisted by a firmware...

8.2CVSS7.5AI score0.002EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2023/05/16 2:45 p.m.3 views

China's Mustang Panda Hackers Exploit TP-Link Routers for Persistent Attacks

The Chinese nation-state actor known as Mustang Panda has been linked to a new set of sophisticated and targeted attacks aimed at European foreign affairs entities since January 2023. An analysis of these intrusions, per Check Point researchers Itay Cohen and Radoslaw Madej, has revealed a custom...

7.3AI score
Exploits0
OSV
OSV
added 2023/04/22 3:15 a.m.4 views

CVE-2023-0209

NVIDIA DGX-1 SBIOS contains a vulnerability in the Uncore PEI module, where authentication of the code executed by SSA is missing, which may lead to arbitrary code execution, denial of service, escalation of privileges assisted by a firmware implant, information disclosure assisted by a firmware...

7.8CVSS7.3AI score0.002EPSS
Exploits0References1
NVD
NVD
added 2023/04/22 3:15 a.m.32 views

CVE-2023-0209

NVIDIA DGX-1 SBIOS contains a vulnerability in the Uncore PEI module, where authentication of the code executed by SSA is missing, which may lead to arbitrary code execution, denial of service, escalation of privileges assisted by a firmware implant, information disclosure assisted by a firmware...

8.2CVSS8.6AI score0.002EPSS
Exploits0References1
Prion
Prion
added 2023/04/22 3:15 a.m.23 views

Design/Logic Flaw

NVIDIA DGX-1 SBIOS contains a vulnerability in the Uncore PEI module, where authentication of the code executed by SSA is missing, which may lead to arbitrary code execution, denial of service, escalation of privileges assisted by a firmware implant, information disclosure assisted by a firmware...

4.3CVSS8.2AI score0.002EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/04/22 2:28 a.m.31 views

CVE-2023-0209

NVIDIA DGX-1 SBIOS contains a vulnerability in the Uncore PEI module, where authentication of the code executed by SSA is missing, which may lead to arbitrary code execution, denial of service, escalation of privileges assisted by a firmware implant, information disclosure assisted by a firmware...

8.2CVSS8.8AI score0.002EPSS
Exploits0References1
CVE
CVE
added 2023/04/22 2:28 a.m.57 views

CVE-2023-0209

The CVE-2023-0209 issue affects NVIDIA DGX-1 SBIOS Uncore PEI: missing authentication of the SSA-executed code allows files/firmware to potentially execute arbitrary code, cause DoS, privilege escalation via firmware implants, information disclosure, data tampering, and SecureBoot bypass. Red Hat...

8.2CVSS8.3AI score0.002EPSS
Exploits0References1Affected Software1
The Hacker News
The Hacker News
added 2022/01/21 11:40 a.m.21 views

Chinese Hackers Spotted Using New UEFI Firmware Implant in Targeted Attacks

A previously undocumented firmware implant deployed to maintain stealthy persistence as part of a targeted espionage campaign has been linked to the Chinese-speaking Winnti advanced persistent threat group APT41. Kaspersky, which codenamed the rootkit MoonBounce, characterized the malware as the...

1.2AI score
Exploits0
Rows per page
Query Builder