Lucene search
K

13 matches found

Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.29 views

PT-2026-44498

Name of the Vulnerable Software and Affected Versions Charging controller affected versions not specified Description A firmware update mechanism fails to validate the authenticity of firmware packages delivered through the device's management interface. Due to the lack of cryptographic signature...

9.3CVSS6AI score0.00246EPSS
Exploits0References4
NVD
NVD
added 2025/10/16 7:15 p.m.30 views

CVE-2025-60855

Reolink Video Doorbell WiFi DB566128M5MPW performs insufficient validation of firmware update signatures. This allows attackers to load malicious firmware images, resulting in arbitrary code execution with root privileges. NOTE: this is disputed by the Supplier because the integrity of updates is...

5.1CVSS0.00115EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/16 12:0 a.m.9 views

CVE-2025-60855

Reolink Video Doorbell WiFi DB566128M5MPW performs insufficient validation of firmware update signatures. This allows attackers to load malicious firmware images, resulting in arbitrary code execution with root privileges. NOTE: this is disputed by the Supplier because the integrity of updates is...

0.00115EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-0366

Malware in sbrugna...

9.3CVSS6.4AI score0.02762EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-2524

Malware in sbrugna...

5.8CVSS5.5AI score0.01181EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/23 3:19 a.m.3 views

CVE-2023-23773

Motorola EBTS/MBTS Base Radio fails to check firmware authenticity. The Motorola MBTS Base Radio lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave a persistent impla...

8.8CVSS7.5AI score0.00419EPSS
Exploits0References1
OSV
OSV
added 2023/08/29 9:15 a.m.3 views

CVE-2023-23772

Motorola MBTS Site Controller fails to check firmware update authenticity. The Motorola MBTS Site Controller lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave a...

8.8CVSS6AI score
Exploits0References1
CNNVD
CNNVD
added 2022/03/31 12:0 a.m.3 views

GE General Electric Renewable Energy MDS Radios 安全漏洞

GE General Electric Renewable Energy MDS Radios are a range of industrial wireless solutions from General Electric GE. A security vulnerability exists in GE General Electric Renewable Energy's MDS iNET/iNET II/SD/TD220/TD220MAX Radios that stems from the absence of cryptographic signatures to...

9.8CVSS8.3AI score0.00353EPSS
Exploits0References3
OSV
OSV
added 2020/05/14 9:15 p.m.4 views

CVE-2020-12046

Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC’s firmware files’ signatures are not verified upon firmware update. This allows an attacker to replace legitimate firmware files with malicious files...

5.7CVSS6.2AI score0.00465EPSS
Exploits0References1
OSV
OSV
added 2020/05/11 11:15 p.m.6 views

CVE-2020-10059

The UpdateHub module disables DTLS peer checking, which allows for a man in the middle attack. This is mitigated by firmware images requiring valid signatures. However, there is no benefit to using DTLS without the peer checking. See NCC-ZEP-018 This issue affects: zephyrproject-rtos zephyr versi...

4.8CVSS5.8AI score0.01181EPSS
Exploits0References5
OSV
OSV
added 2017/07/31 3:29 a.m.5 views

CVE-2017-9498

The Comcast firmware on Motorola MX011ANM firmware version MX011AN2.9p6s1PRODsey and Xfinity XR11-20 Voice Remote devices allows local users to upload arbitrary firmware images to an XR11 by leveraging root access. In other words, there is no protection mechanism involving digital signatures for...

5.5CVSS5.9AI score0.00192EPSS
Exploits0References1
NVD
NVD
added 2014/08/15 11:15 a.m.21 views

CVE-2014-0328

The thraneLINK protocol implementation on Cobham devices does not verify firmware signatures, which allows attackers to execute arbitrary code by leveraging physical access or terminal access to send an SNMP request and a TFTP response...

9.3CVSS7.5AI score0.02762EPSS
Exploits0References1
CVE
CVE
added 2014/08/15 10:0 a.m.63 views

CVE-2014-0328

The CVE-2014-0328 entry describes Cobham’s thraneLINK protocol on Cobham devices as failing to verify firmware signatures, enabling a remote attacker with physical or terminal access to trigger SNMP and TFTP interactions to install a malicious firmware image. The NVD entry reiterates that lack of...

9.3CVSS7.7AI score0.02762EPSS
Exploits0References1Affected Software4
Rows per page
Query Builder