Nuvoton ECHD Key Security Update

Nuvoton has informed HP of a potential security vulnerability identified in Nuvoton TPM NPCT7xx models used in certain HP PC products, which might allow information disclosure. Nuvoton has released firmware mitigation for the potential vulnerability. HP has identified affected platforms and...

EUVD-2024-54878

Malicious code in bioql PyPI...

CVE-2024-5477

A potential security vulnerability has been identified in the System BIOS for some HP PC products which may allow escalation of privilege, arbitrary code execution, denial of service, or information disclosure via a physical attack that requires specialized equipment and knowledge. HP is releasin...

CVE-2024-5477

A potential security vulnerability has been identified in the System BIOS for some HP PC products which may allow escalation of privilege, arbitrary code execution, denial of service, or information disclosure via a physical attack that requires specialized equipment and knowledge. HP is releasin...

CVE-2024-5477

CVE-2024-5477 concerns HP System BIOS on some HP PC products. The vulnerability may allow privilege escalation, arbitrary code execution, denial of service, or information disclosure via a physical attack. Key details from connected documents: affected component is the System BIOS; mitigation is ...

CVE-2024-5477

A potential security vulnerability has been identified in the System BIOS for some HP PC products which may allow escalation of privilege, arbitrary code execution, denial of service, or information disclosure via a physical attack that requires specialized equipment and knowledge. HP is releasin...

HP BIOS Flash Protection Security Update

A potential security vulnerability has been identified in the System BIOS for some HP PC products, which might allow escalation of privilege, arbitrary code execution, denial of service, or information disclosure via a physical attack that requires specialized equipment and knowledge. HP is...

CVE-2021-3808

Potential security vulnerabilities have been identified in the BIOS UEFI Firmware for certain HP PC products, which might allow arbitrary code execution. HP is releasing firmware updates to mitigate these potential vulnerabilities...

CVE-2021-27428

GE UR IED firmware versions prior to version 8.1x supports upgrading firmware using UR Setup configuration tool – Enervista UR Setup. This UR Setup tool validates the authenticity and integrity of firmware file before uploading the UR IED. An illegitimate user could upgrade firmware without...

GE PACSystems CPE305/310, CPE330, CPE400, RSTi-EP CPE 100, CPU320/CRU320, RXi Improper Input Validation (CVE-2018-8867)

In GE PACSystems RX3i CPE305/310 version 9.20 and prior, RX3i CPE330 version 9.21 and prior, RX3i CPE 400 version 9.30 and prior, PACSystems RSTi-EP CPE 100 all versions, and PACSystems CPU320/CRU320 RXi all versions, the device does not properly validate input, which could allow a remote attacke...

Researchers Warn of Critical Bugs Affecting Realtek Wi-Fi Module

A new set of critical vulnerabilities has been disclosed in the Realtek RTL8170C Wi-Fi module that an adversary could abuse to gain elevated privileges on a device and hijack wireless communications. "Successful exploitation would lead to complete control of the Wi-Fi module and potential root...

Schneider Electric StruxureWare Building Expert Plaintext Credentials Vulnerability

OVERVIEW Independent researcher Artyom Kurbatov has identified a cleartext transmission vulnerability in Schneider Electric’s StruxureWare Building Expert product. Schneider Electric has produced a new firmware version that mitigates this vulnerability. Artyom Kurbatov has tested the new firmware...

Rockwell Micrologix 1400 DNP3 DOS Vulnerability

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on September 11, 2014, and is being released to the NCCIC/ICS-CERT web site. Independent researcher Matthew Luallen of CYBATI has identified a denial-of-service DoS vulnerability to the DNP3 implementation of the...