PT-2024-23162 · Ict · Ict

Name of the Vulnerable Software and Affected Versions: ICT affected versions not specified Description: Insecure storage of the ICT MIFARE and DESFire encryption keys in the firmware binary allows malicious actors to create credentials for any site code and card number that is using the default I...

Firmware and Intel Boot Guard keys leaked in ransomware attack on MSI

In late March, hardware manufacturer MSI was hit by a ransomware attack. As a result of this ransomware attack, private keys were according to security firm Binarly, private keys were leaked that are used to digitally sign firmware for motherboards. Also compromised were private keys used by Inte...

Ransomware attack on MSI led to compromised Intel Boot Guard private keys

On April 7, 2023 MSI Micro-Star International released a statement confirming a cyberattack on part of its information systems. While the statement does not reveal a lot of tangible information, this snippet is important: "MSI urges users to obtain firmware/BIOS updates only from its official...

CVE-2017-13698

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. An attacker could extract public and private keys from the firmware image available on the MOXA website and could use them against a production switch that has the default keys embedded...