21 matches found
EUVD-2018-1391
Malware in sbrugna...
EUVD-2020-28630
Malware in sbrugna...
EUVD-2018-7354
Malware in sbrugna...
EUVD-2025-5944
Malicious code in bioql PyPI...
EUVD-2025-18989
Malicious code in bioql PyPI...
CVE-2025-48468
Successful exploitation of the vulnerability could allow an attacker that has physical access to interface with JTAG to inject or modify firmware...
CVE-2025-48468
Successful exploitation of the vulnerability could allow an attacker that has physical access to interface with JTAG to inject or modify firmware...
CVE-2024-44754
Cryptographic key extraction from internal flash in Minut M2 with firmware version 15142 allows physically proximate attackers to inject modified firmware into any other Minut M2 product via USB...
CVE-2024-44754
Cryptographic key extraction from internal flash in Minut M2 with firmware version 15142 allows physically proximate attackers to inject modified firmware into any other Minut M2 product via USB...
CVE-2024-44754
CVE-2024-44754 affects Minut M2 hardware (firmware version #15142). The issue is described as cryptographic key extraction from the device’s internal flash, enabling physically proximate attackers to inject modified firmware into other Minut M2 units via USB. The reported CVSSv3.1 base metrics in...
PT-2025-9109 · Minut · Minut M2
Name of the Vulnerable Software and Affected Versions: Minut M2 version 15142 Description: The issue allows physically proximate attackers to extract cryptographic keys from the internal flash of Minut M2 devices with the specified firmware version. This can be used to inject modified firmware in...
IntelliNet 2.0 Remote Root
!/usr/local/bin/node const execSync = require'childprocess'; const readline = require'readline'; let TARGET = ''; let COMMAND = ''; let SESSION = ''; const ESCALATE = '/usr/aes/bin/execsuid'; console.log ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ⠀⠀⠀⠀⠀⠀⠀⠀⠀⢠⣾⡄⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ⠀⠀⠀⠀⠀⠀⠀⠀⢀⣼⣿⣧⣶⣶⣶⣦⣤⣀⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀...
Xerox Administrator Console Password Extractor
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Xerox Administrator Console Password Extractor', 'Description' = %q This module will extract the management console's admin password from the Xer...
The vulnerability of the microprogrammed Ethernet receiver software from the Trio Q, Trio E, and Trio J series lies in the fact that code can be loaded without any checks for its integrity. This allows a hacker to inject additional code into the device’s firmware.
The vulnerability of the microprogrammed Ethernet receiver software from the Trio Q, Trio E, and Trio J series is related to the loading of code without checking its integrity. Exploiting this vulnerability allows a remote attacker to inject additional code into the device’s firmware...
The vulnerability of the microprogrammed control module software for Schneider Electric Easergy T300 (HU250) automation systems for transformer substations stems from improper verification of integrity. This allows a perpetrator to inject additional code into the device’s firmware and execute arbitrary commands.
The vulnerability of the microprogrammed control module software for automation of transformer substations of Schneider Electric Easergy T300 HU250 is related to improper verification of integrity. Exploiting this vulnerability allows a malicious actor to inject additional code into the device’s...
The vulnerability affects the implementation of the AMD Secure Processor technology in CPUs such as Ryzen, Ryzen Pro, Ryzen Mobile, and EPYC Server. This allows malicious code to be injected into a computer’s BIOS.
The vulnerability of AMD Secure Processor-based processors, such as Ryzen, Ryzen Pro, Ryzen Mobile, and EPYC Server, stems from the absence of a mechanism for detecting damage to flash memory contents. Exploiting this vulnerability allows an attacker who has access to the targeted computer and...
Google Nexus Synaptics Touchscreen Firmware Injection(CVE-2017-0433)
Products Nexus 6P Nexus 9 Android One Pixel Pixel XL Vulnerable Versions Verified on Nexus 9 6.0.1/MOB30W Verified on Nexus 9 7.0/NRD90M Technical Details Due to lenient SELinux and DAC policy, vulnerable Synaptics DSX touchscreen driver sysfs file entires are exposed to an attacker that executes...
Google Nexus 9 Cypress SAR Firmware Injection via I2C(CVE-2017-0563)
Product Google Nexus 9 Vulnerable Version Nexus 9 Android Builds before N4F27B - May 2017, i.e. before bootloader 3.50.0.0143. Mitigation Install N4F27B or later bootloader version 3.50.0.0143. Technical Details The Nexus 9 device contains a sensor SoC manufactured by Cypress. The sensor is manag...
Google Nexus 9 Cypress SAR Firmware Injection via I2C Vulnerability
Exploit for Android platform in category remote exploits Title: ==== Google Nexus 9 Cypress SAR Firmware Injection via I2C Identifier: ======== CVE-2017-0563 Product: ======= Google Nexus 9 Vulnerable Version: ================ Nexus 9 Android Builds before N4F27B - May 2017, i.e. before bootloade...
Mac EFI is exposed a major security vulnerability by Thunderbolt devices to spread malicious programs-vulnerability warning-the black bar safety net
Next week, Germany at the Chaos Communication Congress Security Conference, a researcher Trammell Hudson will present a new method, through the unique production of Thunderbolt devices in the Mac EFI boot firmware in the injection almost impossible to not remove the Bootkit virus. The exploits of...