25 matches found
Insecure Despite Proven Updated: Extracting the Root VCEK Seed on EPYC Milan Via a Software-Only Attack
In the official whitepaper of Secure Encrypted Virtualization with Secure Nested Paging SEV-SNP, AMD explicitly emphasizes the capability to prevent Trusted Computing Base TCB rollback attacks. Cryptographically, this is realized by signing attestation reports with the Versioned Chip Endorsement...
CVE-2025-37147
A Secure Boot Bypass Vulnerability exists in affected Access Points that allows an adversary to bypass the hardware root of trust verification in place to ensure only vendor-signed firmware can execute on the device. An adversary can exploit this vulnerability to run modified or custom firmware o...
Hewlett Packard Enterprise ArubaOS 安全漏洞
Hewlett Packard Enterprise ArubaOS HPE ArubaOS is a networked wireless operating system from Hewlett Packard Enterprise USA. A security vulnerability exists in Hewlett Packard Enterprise ArubaOS that stems from the ability to bypass hardware root of trust authentication, which could lead to the...
EUVD-2025-19126
Malicious code in bioql PyPI...
EUVD-2025-12181
Malicious code in bioql PyPI...
CVE-2025-5834
Pioneer DMH-WT7600NEX Missing Immutable Root of Trust in Hardware Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to bypass authentication on affected installations of Pioneer DMH-WT7600NEX devices. Although authentication is required to exploit this...
CVE-2025-5834
Pioneer DMH-WT7600NEX Missing Immutable Root of Trust in Hardware Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to bypass authentication on affected installations of Pioneer DMH-WT7600NEX devices. Although authentication is required to exploit this...
CVE-2025-5834 Pioneer DMH-WT7600NEX Missing Immutable Root of Trust in Hardware Local Privilege Escalation Vulnerability
Pioneer DMH-WT7600NEX Missing Immutable Root of Trust in Hardware Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to bypass authentication on affected installations of Pioneer DMH-WT7600NEX devices. Although authentication is required to exploit this...
CVE-2025-5834
The CVE-2025-5834 entry concerns Pioneer DMH-WT7600NEX, where a missing immutable root of trust in the hardware SoC enables local privilege escalation. The flaw stems from improper hardware root-of-trust configuration, allowing a local attacker to bypass authentication and escalate privileges to ...
CVE-2025-5834 Pioneer DMH-WT7600NEX Missing Immutable Root of Trust in Hardware Local Privilege Escalation Vulnerability
Pioneer DMH-WT7600NEX Missing Immutable Root of Trust in Hardware Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to bypass authentication on affected installations of Pioneer DMH-WT7600NEX devices. Although authentication is required to exploit this...
Pioneer DMH-WT7600NEX 安全漏洞
The Pioneer DMH-WT7600NEX is a multimedia digital media receiver from Pioneer. A security vulnerability exists in the Pioneer DMH-WT7600NEX that stems from an improperly configured hardware root of trust, which could lead to local elevation of privilege...
Pioneer DMH-WT7600NEX Missing Immutable Root of Trust in Hardware Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to bypass authentication on affected installations of Pioneer DMH-WT7600NEX devices. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the configuratio...
CVE-2025-2762
CarlinKit CPC200-CCPA Missing Root of Trust Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of CarlinKit CPC200-CCPA devices. An attacker must first obtain the ability to execute low-privileged code on the target...
CVE-2025-2762
CarlinKit CPC200-CCPA Missing Root of Trust Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of CarlinKit CPC200-CCPA devices. An attacker must first obtain the ability to execute low-privileged code on the target...
CVE-2025-2762
CVE-2025-2762 affects CarlinKit CPC200-CCPA. The flaw is due to misconfiguration of the SoC hardware root of trust, enabling local privilege escalation and the execution of arbitrary code in the boot context once an attacker gains low-privilege code execution. Reported details indicate the vulner...
(0Day) CarlinKit CPC200-CCPA Missing Root of Trust Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of CarlinKit CPC200-CCPA devices. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
[SECURITY] Fedora 41 Update: keyring-ima-signer-0.1.0-17.fc41
The IMA Integrity Measurement Architecture is a key component of the Linux integrity subsystem designed to ensure integrity, authenticity, and confidentiality of systems including hardware root of trusts TPM. This tool allows signing of files in userspace, inclusding options of including the...
CVE-2024-8357
Visteon Infotainment App SoC with Missing Immutable Root of Trust is affected. The flaw lies in the application SoC configuration and lack of properly configured hardware root of trust, enabling local privilege escalation and potentially arbitrary code execution during the boot process. Exploitat...
[SECURITY] Fedora 39 Update: keyring-ima-signer-0.1.0-11.fc39
The IMA Integrity Measurement Architecture is a key component of the Linux integrity subsystem designed to ensure integrity, authenticity, and confidentiality of systems including hardware root of trusts TPM. This tool allows signing of files in userspace, inclusding options of including the...
CVE-2023-38486 Hardware Root of Trust Bypass in 9200 and 9000 Series Controllers and Gateways
A vulnerability in the secure boot implementation on affected Aruba 9200 and 9000 Series Controllers and Gateways allows an attacker to bypass security controls which would normally prohibit unsigned kernel images from executing. An attacker can use this vulnerability to execute arbitrary...