940 matches found
EUVD-2026-8994
Since the encryption algorithm used to protect firmware updates is itself encrypted using key material available to an attacker or anyone paying attention, the firmware updates may be altered by an unauthorized user, and then trusted by a Unitree product, such as the Unitree Go2 and other models...
CVE-2026-1442
Since the encryption algorithm used to protect firmware updates is itself encrypted using key material available to an attacker or anyone paying attention, the firmware updates may be altered by an unauthorized user, and then trusted by a Unitree product, such as the Unitree Go2 and other models...
CVE-2026-1442 Unitree UPK files Hard-Coded Key
Since the encryption algorithm used to protect firmware updates is itself encrypted using key material available to an attacker or anyone paying attention, the firmware updates may be altered by an unauthorized user, and then trusted by a Unitree product, such as the Unitree Go2 and other models...
CVE-2026-1442
Since the encryption algorithm used to protect firmware updates is itself encrypted using key material available to an attacker or anyone paying attention, the firmware updates may be altered by an unauthorized user, and then trusted by a Unitree product, such as the Unitree Go2 and other models...
CVE-2026-1442 Unitree UPK files Hard-Coded Key
Since the encryption algorithm used to protect firmware updates is itself encrypted using key material available to an attacker or anyone paying attention, the firmware updates may be altered by an unauthorized user, and then trusted by a Unitree product, such as the Unitree Go2 and other models...
CVE-2026-1442
CVE-2026-1442 describes a vulnerability in Unitree firmware update protection where the algorithm used to protect firmware updates is itself encrypted with key material accessible to an attacker. This could allow an unauthorized user to alter firmware updates and have them trusted by Unitree prod...
CVE-2026-25195
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by supplying a crafted firmware update file via the firmware update route...
CVE-2026-20910
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into the devices field of the firmware update update action to achieve remote code execution...
Copeland多款产品 操作系统命令注入漏洞
Copeland XWEB PRO, among others, are advanced commercial and industrial refrigeration monitoring and management systems developed by the American company Copeland. Several Copeland products have vulnerabilities related to OS command injection. This vulnerability stems from OS commands injected in...
PT-2026-22294
Name of the Vulnerable Software and Affected Versions Unitree Go2 and other models versions affected versions not specified Description The encryption algorithm used to protect firmware updates is encrypted using key material accessible to attackers. This allows unauthorized modification of...
Copeland多款产品 操作系统命令注入漏洞
Copeland XWEB 300D PRO, among others, are advanced commercial and industrial refrigeration monitoring and management systems developed by the American company Copeland. Several Copeland products have vulnerabilities related to operating system command injection. These vulnerabilities stem from...
Copeland多款产品 操作系统命令注入漏洞
Both the Copeland XWEB 500D PRO and Copeland XWEB 500B PRO are advanced commercial and industrial refrigeration monitoring and management systems from the American company Copeland. Several Copeland products have a vulnerability related to operating system command injection. This vulnerability...
CVE-2025-15575
The firmware update functionality does not verify the authenticity of the supplied firmware update files. This allows attackers to flash malicious firmware update files on the device. Initial analysis of the firmware update functionality does not show any cryptographic checks e.g. digital signatu...
CVE-2025-15575
The firmware update functionality does not verify the authenticity of the supplied firmware update files. This allows attackers to flash malicious firmware update files on the device. Initial analysis of the firmware update functionality does not show any cryptographic checks e.g. digital signatu...
CVE-2025-15575
The CVE-2025-15575 issue affects Solax Power Pocket WiFi. The firmware update functionality does not verify the authenticity of supplied firmware update files and lacks cryptographic checks (e.g., digital signatures). ESP32 security features such as secure boot are not used. Root cause: no authen...
AMD Processors February 2026 Security Update
AMD has informed HP of potential vulnerabilities in certain AMD Athlon™, AMD Ryzen™, and AMD Ryzen™ Embedded Processors, which might allow escalation of privilege, arbitrary code execution, kernel memory corruption, denial of service, loss of confidentiality, loss of integrity, loss of...
Intel Processor Firmware February 2026 Security Update
Intel has informed HP of a potential security vulnerability in some Intel® Processors, which might allow escalation of privilege. Intel is releasing microcode updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP has identified...
Intel Chipset Firmware February 2026 Security Update
Intel has informed HP of potential security vulnerabilities in some Intel® Converged Security and Management Engine Intel® CSME, some Intel® Active Management Technology Intel® AMT, and some Intel® Standard Manageability, which might allow denial of service or information disclosure. Intel is...
2026.1 IPU, Intel® Chipset Firmware Advisory
Summary: Potential security vulnerabilities in some Intel® Converged Security and Management Engine Intel® CSME, some Intel® Active Management Technology Intel® AMT, and some Intel® Standard Manageability may allow denial of service or information disclosure. Intel is releasing firmware updates t...
2026.1 IPU, Intel® Trust Domain Extensions (Intel® TDX) module Advisory
Summary: Potential security vulnerabilities for some Intel® TDX modules may allow information disclosure, escalation of privilege, or denial of service. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2025-30513 Description: Race...