Lucene search
K

18 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:13 a.m.9 views

CVE-2022-31807

A vulnerability has been identified in Building X - Security Manager Edge Controller ACC-AP All versions. Affected devices do not properly check the integrity of firmware updates. This could allow a local attacker to upload a maliciously modified firmware onto the device. In a second scenario, a...

6.2CVSS6.6AI score0.00144EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:3 a.m.8 views

CVE-2024-39352

A vulnerability regarding incorrect authorization is found in the firmware upgrade functionality. This allows remote authenticated users with administrator privileges to bypass firmware integrity check via unspecified vectors. The following models with Synology Camera Firmware versions before...

4.9CVSS6.6AI score0.00867EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-9422

Malicious code in bioql PyPI...

6.1CVSS5.8AI score0.00248EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-8124

Malicious code in bioql PyPI...

9CVSS7.4AI score0.0066EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-37915

Malicious code in bioql PyPI...

4.9CVSS6.6AI score0.00867EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-29029

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.00353EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-57923

Malicious code in bioql PyPI...

6.5CVSS5.4AI score0.00282EPSS
Exploits0References1
NVD
NVD
added 2025/05/23 3:15 p.m.10 views

CVE-2022-31807

A vulnerability has been identified in Building X - Security Manager Edge Controller ACC-AP All versions. Affected devices do not properly check the integrity of firmware updates. This could allow a local attacker to upload a maliciously modified firmware onto the device. In a second scenario, a...

6.2CVSS0.00144EPSS
Exploits0References2
ICS
ICS
added 2025/05/23 12:0 a.m.11 views

Siemens SiPass

SUMMARY SiPass integrated ACC Advanced Central Controller devices do not properly check the integrity of firmware updates. This could allow an attacker to upload a maliciously modified firmware onto the device. Siemens is preparing fix versions and recommends specific countermeasures for...

6.2CVSS7.2AI score0.00144EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2025/05/22 11:58 p.m.7 views

CVE-2022-24117

Certain General Electric Renewable Energy products download firmware without an integrity check. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6...

9.8CVSS7.3AI score0.00353EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:17 p.m.8 views

CVE-2021-20709

Improper validation of integrity check value vulnerability in NEC Aterm WF1200CR firmware Ver1.3.2 and earlier, Aterm WG1200CR firmware Ver1.3.3 and earlier, and Aterm WG2600HS firmware Ver1.5.1 and earlier allows an attacker with an administrative privilege to execute arbitrary OS commands by...

9CVSS7.9AI score0.0066EPSS
Exploits0References1
NVD
NVD
added 2025/03/14 3:15 p.m.11 views

CVE-2024-47573

An improper validation of integrity check value vulnerability CWE-354 in FortiNDR version 7.4.2 and below, version 7.2.1 and below, version 7.1.1 and below, version 7.0.6 and below may allow an authenticated attacker with at least Read/Write permission on system maintenance to install a corrupted...

6.5CVSS0.00201EPSS
Exploits0References1
CVE
CVE
added 2025/02/13 5:45 a.m.73 views

CVE-2025-1058

CVE-2025-1058 affects Schneider Electric ASCO 5310 and ASCO 5350 Remote Annunciator products. The issue is CWE-494: downloading code without integrity checks, which could render the device inoperable if malicious firmware is downloaded. Additional disclosures (CWE-770, CWE-319, CWE-434) appear in...

8.1CVSS7.3AI score0.00222EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/28 6:7 a.m.20 views

CVE-2024-39352

A vulnerability regarding incorrect authorization is found in the firmware upgrade functionality. This allows remote authenticated users with administrator privileges to bypass firmware integrity check via unspecified vectors. The following models with Synology Camera Firmware versions before...

4.9CVSS0.00867EPSS
Exploits0References1
CVE
CVE
added 2024/06/28 6:7 a.m.61 views

CVE-2024-39352

Synology CVE-2024-39352 concerns an incorrect authorization flaw in the Synology Camera Firmware upgrade functionality. Affected models are BC500 and TC500 with firmware versions before 1.0.7-0298. The issue allows remote authenticated users with administrator privileges to bypass the firmware in...

4.9CVSS4.8AI score0.00867EPSS
Exploits0References1Affected Software1
The Hacker News
The Hacker News
added 2023/05/08 3:23 p.m.32 views

MSI Data Breach: Private Code Signing Keys Leaked on the Dark Web

The threat actors behind the ransomware attack on Taiwanese PC maker MSI last month have leaked the company's private code signing keys on their dark website. "Confirmed, Intel OEM private key leaked, causing an impact on the entire ecosystem," Alex Matrosov, founder and CEO of firmware security...

7AI score
Exploits0
Vulnrichment
Vulnrichment
added 2022/12/26 12:0 a.m.8 views

CVE-2022-24117

Certain General Electric Renewable Energy products download firmware without an integrity check. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6...

7.3AI score0.00353EPSS
Exploits0References1
CNVD
CNVD
added 2020/06/17 12:0 a.m.8 views

Unspecified Vulnerability in Schneider Electric Easergy T300 (CNVD-2021-21473)

The Schneider Electric Easergy T300 is a remote terminal unit for the power industry from Schneider Electric, France. A security vulnerability in the Schneider Electric Easergy T300 using firmware version 1.5.2 and earlier, which stems from the program not checking the integrity of the code when ...

9CVSS7.7AI score0.00913EPSS
Exploits0References1
Rows per page
Query Builder