hdd-toolkit

HDD Firmware Toolkit A comprehensive Python toolkit for dumpi...

MiracleLinux 9 : microcode_ctl-20220207-1.20220510.1.el9 (AXBA:2022-4034:07)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXBA:2022-4034:07 advisory. - Sensitive information accessible by physical probing of JTAG interface for some IntelR Processors with SGX may allow an unprivileged user to...

EUVD-2022-15226

Malicious code in bioql PyPI...

EUVD-2025-4191

Malicious code in bioql PyPI...

EUVD-2024-43155

Malicious code in bioql PyPI...

CVE-2025-48468

Successful exploitation of the vulnerability could allow an attacker that has physical access to interface with JTAG to inject or modify firmware...

Advantech多款产品 安全漏洞

The Advantech WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN are all industrial automation controllers from Advantech of Taiwan, China. A code execution vulnerability exists in multiple Advantech products, which can be exploited by attackers to inject or modify firmware via the JTAG interface...

PT-2025-26680 · Advantech +1 · Advantech Wireless Sensing/Equipment +6

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue allows an attacker with physical access to the JTAG interface to inject or modify firmware. This could be achieved through successful exploitation of the vulnerability, potentially...

CVE-2025-26408

The JTAG interface of Wattsense Bridge devices can be accessed with physical access to the PCB. After connecting to the interface, full access to the device is possible. This enables an attacker to extract information, modify and debug the device's firmware. All known versions are affected...

Wattsense Bridge 6.x Remote Root / Information Disclosure

Wattsense Bridge suffers a multitude of security issues. The JTAG interface can be accessed with physical access to the PCB. After connecting to the interface, full access to the device is possible. A serial interface can be accessed with physical access to the PCB. After connecting to the...

CVE-2025-26408

The JTAG interface of Wattsense Bridge devices can be accessed with physical access to the PCB. After connecting to the interface, full access to the device is possible. This enables an attacker to extract information, modify and debug the device's firmware. All known versions are affected...

CVE-2025-26408

CVE-2025-26408 affects Wattsense Bridge devices where the JTAG interface is unprotected and accessible via physical access to the PCB, granting full device access (extract/modify firmware) across all known versions. Root cause per SEC Consult/PacketStorm analysis is an unprotected JTAG interface ...

CVE-2025-26408 Unprotected JTAG Interface

The JTAG interface of Wattsense Bridge devices can be accessed with physical access to the PCB. After connecting to the interface, full access to the device is possible. This enables an attacker to extract information, modify and debug the device's firmware. All known versions are affected...

CVE-2025-26408 Unprotected JTAG Interface

The JTAG interface of Wattsense Bridge devices can be accessed with physical access to the PCB. After connecting to the interface, full access to the device is possible. This enables an attacker to extract information, modify and debug the device's firmware. All known versions are affected...

Siemens Unlocked JTAG Interface / Buffer Overflow

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Unlocked JTAG interface and buffer overflow product: Siemens SM-2558 Protocol Element extension module for Siemens SICAM AK3/TM/BC, Siemens CP-2016 & CP-2019 vulnerable...

CVE-2024-48970 Life2000 Ventilator microcontroller lacks memory protection

The ventilator's microcontroller lacks memory protection. An attacker could connect to the internal JTAG interface and read or write to flash memory using an off-the-shelf debugging tool, which could disrupt the function of the device and/or cause unauthorized information disclosure...

CVE-2024-48970 Life2000 Ventilator microcontroller lacks memory protection

The ventilator's microcontroller lacks memory protection. An attacker could connect to the internal JTAG interface and read or write to flash memory using an off-the-shelf debugging tool, which could disrupt the function of the device and/or cause unauthorized information disclosure...

Baxter Life2000 安全漏洞

The Baxter Life2000 is a mask-less non-invasive ventilator from Baxter. A security vulnerability exists in Baxter Life2000 version 06.08.00.00 and earlier, which stems from a lack of memory protection and allows an attacker to read or write to flash memory via the JTAG interface, potentially...

CVE-2022-0005

A flaw was found in hw. Sensitive information accessible by physical probing of the JTAG interface for some IntelR Processors with SGX may allow an unprivileged user to disclose information via physical access. Mitigation Mitigation for this issue is either not available or the currently availabl...

CVE-2022-0005

Sensitive information accessible by physical probing of JTAG interface for some IntelR Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access...