Lucene search
+L

173 matches found

Kitploit
Kitploit
added 2019/10/19 9:30 p.m.159 views

IoT-Implant-Toolkit - Toolkit For Implant Attack Of IoT Devices

IoT-Implant-Toolkit is a framework of useful tools for malware implantation research of IoT devices. It is a toolkit consisted of essential software tools on firmware modification, serial port debugging, software analysis and stable spy clients. With an easy-to-use and extensible shell-like...

7.7AI score
Exploits0References8
Cvelist
Cvelist
added 2019/05/22 7:54 p.m.27 views

CVE-2019-6816

In Modicon Quantum all firmware versions, a CWE-94: Code Injection vulnerability could cause an unauthorized firmware modification with possible Denial of Service when using Modbus protocol...

9.4AI score0.0145EPSS
Exploits0References1
NVD
NVD
added 2019/05/13 7:29 p.m.30 views

CVE-2019-1649

A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that...

7.2CVSS6.3AI score0.00611EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2019/05/13 12:0 a.m.5 views

PT-2019-2446 · Cisco · Cisco Secure Boot +1

Name of the Vulnerable Software and Affected Versions: Cisco products that support hardware-based Secure Boot functionality affected versions not specified Description: A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot...

7.2CVSS6.3AI score0.00611EPSS
Exploits0References8
ICS
ICS
added 2018/10/09 12:0 a.m.1503 views

Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low skill level to exploit/information related to these vulnerabilities is publicly available Vendor: Hangzhou Xiongmai Technology Co., Ltd Equipment: XMeye P2P Cloud Server Vulnerabilities: Predictable From Observable State, Hidden...

9.8CVSS7.1AI score0.01251EPSS
Exploits4References5
Prion
Prion
added 2018/10/08 3:29 p.m.28 views

Hardcoded credentials

The Auto-Maskin DCU 210E firmware contains an undocumented Dropbear SSH server, v2015.55, configured to listen on Port 22 while the DCU is running. The Dropbear server is configured with a hard-coded user name and password combination of root / amroot. The server is configured to use password onl...

10CVSS9.7AI score0.02095EPSS
Exploits0References2Affected Software2
NVD
NVD
added 2018/07/09 6:29 p.m.19 views

CVE-2018-13787

Certain Supermicro X11S, X10, X9, X8SI, K1SP, C9X299, C7, B1, A2, and A1 products have a misconfigured Descriptor Region, allowing OS programs to modify firmware...

7.2CVSS6.5AI score0.00417EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/07/09 6:0 p.m.21 views

CVE-2018-13787

Certain Supermicro X11S, X10, X9, X8SI, K1SP, C9X299, C7, B1, A2, and A1 products have a misconfigured Descriptor Region, allowing OS programs to modify firmware...

6.5AI score0.00417EPSS
Exploits0References3
CNVD
CNVD
added 2018/07/04 12:0 a.m.6 views

Siemens SICLOCK TC Product Unauthorized Operation Vulnerability

The SICROCK product line offers components for synchronizing plant and system time. An unauthorized operation vulnerability exists in Siemens SICLOCK TC products. An attacker on network access port 69/UDP could modify the firmware of the device...

10CVSS9.5AI score0.02296EPSS
Exploits0References1
Prion
Prion
added 2018/07/03 2:29 p.m.12 views

Design/Logic Flaw

A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to port 69/udp could modify the firmware of the device...

10CVSS9.1AI score0.02296EPSS
Exploits0References2
HackRead
HackRead
added 2018/03/16 5:13 p.m.37 views

PS4 Firmware 4.55 Modified to Be Compatible with Firmware 5.50

By Waqas It was just last week when hackers identified a way This is a post from HackRead.com Read the original post: PS4 Firmware 4.55 Modified to Be Compatible with Firmware 5.50...

6.9AI score
Exploits0
Cvelist
Cvelist
added 2017/10/11 12:0 a.m.19 views

CVE-2017-5701

Insecure platform configuration in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows an attacker with physical presence to run arbitrary code via unauthorized firmware modification during BIOS Recovery...

6.9AI score0.00328EPSS
Exploits0References2
NVD
NVD
added 2017/06/30 3:29 a.m.18 views

CVE-2017-6041

An Unrestricted Upload issue was discovered in Marel Food Processing Systems M3000 terminal associated with the following systems: A320, A325, A371, A520 Master, A520 Slave, A530, A542, A571, Check Bin Grader, FlowlineQC T376, IPM3 Dual Cam v132, IPM3 Dual Cam v139, IPM3 Single Cam v132, P520,...

9.8CVSS9.4AI score0.01848EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/06/30 2:35 a.m.22 views

CVE-2017-6041

An Unrestricted Upload issue was discovered in Marel Food Processing Systems M3000 terminal associated with the following systems: A320, A325, A371, A520 Master, A520 Slave, A530, A542, A571, Check Bin Grader, FlowlineQC T376, IPM3 Dual Cam v132, IPM3 Dual Cam v139, IPM3 Single Cam v132, P520,...

9.3AI score0.01848EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2016/08/16 12:0 a.m.48 views

Actiontec T2200H Remote Reverse Root Shell

Device Details Vendor: Actiontec Telus Branded, but may work on others Model: T2200H but likely affecting other similar models of theirs Affected Firmware: T2200H-31.128L.03 Device Manual: http://static.telus.com/common/cms/files/internet/telust2200husermanual.pdf Reported: November 2015 Status:...

0.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2015/12/17 12:0 a.m.6 views

PT-2018-05: Unauthorized Firmware Modification in Siemens EN100 Ethernet modules

The specialists of the Positive Research center have detected an Unauthorized Firmware Modification vulnerability in Siemens EN100 Ethernet modules. Vulnerability allows unauthenticated attackers to upgrade or downgrade the firmware of the affected device including to older versions with known...

7.5CVSS7.7AI score0.01431EPSS
Exploits0References5
Prion
Prion
added 2015/10/09 5:59 a.m.20 views

Code injection

The EFI component in Apple OS X before 10.11 allows physically proximate attackers to modify firmware during the EFI update process by inserting an Apple Ethernet Thunderbolt adapter with crafted code in an Option ROM, aka a "Thunderstrike" issue. NOTE: this issue exists because of an incomplete...

4.7CVSS6.5AI score0.00389EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2015/10/03 12:0 a.m.4 views

Apple OS X Apple Ethernet Thunderbolt Adapter Firmware Flashing Vulnerability

Apple OS X is an operating system developed by Apple Inc. A security vulnerability exists in Apple OS X EFI, where a link in the EFI common update allows a malicious Apple Ethernet Thunderbolt adapter to modify the host firmware. A local attacker could exploit the vulnerability to modify the host...

4.7CVSS6.4AI score0.00352EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2015/09/16 8:49 p.m.19 views

​SYNful Knock: Backdoor Malware Found in Cisco Routers

Mandiant, a FireEye sister concern has been involved in researches related to cyber defense. In their recent findings, a backdoor malware named SYNful Knock identified as the one compromising the principles of Cisco routers with features such as... ...Having an everlasting effect, i.e. Serious...

7.3AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2015/09/16 12:0 a.m.2 views

Cisco Router SYNful Knock Implant TCP Activator

A router implant vulnerability, known as SYNful Knock has been reported in multiple Cisco routers . A successful exploitation might enable the attacker to modify the router's firmware, and thereby allow running arbitrary code, or using the server as a bot for further attacks...

3.7AI score
Exploits0
Rows per page
Query Builder