STMicroelectronics stm32_mw_usb_host 安全漏洞

Stmicroelectronics stm32mwusbhost is a middleware USB Host MCU component from Stmicroelectronics, Switzerland. A security vulnerability exists in STMicroelectronics stm32mwusbhost, which stems from a buffer overflow vulnerability that could allow an attacker to execute arbitrary code when the...

Realtek RTL8195AM 安全漏洞

The Realtek RTL8195AM is an IoT microcontroller from China-based Realtek Semiconductor Realtek. A security vulnerability exists in previous versions of the Realtek RTL8195AM 284241d70308ff2519e40afd7b284ba892c730a3, which stems from the ability to lock the timer task when there are frequent and...

Security and Cheap Complexity

Ive been saying that complexity is the worst enemy of security for a long time now. Heres me in 1999. And its been true for a long time. In 2018, Thomas Dullien of Googles Project Zero talked about "cheap complexity." Andrew Appel summarizes: The anomaly of cheap complexity. For most of human...

CVE-2022-29948

Due to an insecure design, the Lepin EP-KP001 flash drive through KP001V19 is vulnerable to an authentication bypass attack that enables an attacker to gain access to the stored encrypted data. Normally, the encrypted disk partition with this data is unlocked by entering the correct passcode 6 to...

CVE-2022-29948

Due to an insecure design, the Lepin EP-KP001 flash drive through KP001V19 is vulnerable to an authentication bypass attack that enables an attacker to gain access to the stored encrypted data. Normally, the encrypted disk partition with this data is unlocked by entering the correct passcode 6 to...

CVE-2022-29948

Due to an insecure design, the Lepin EP-KP001 flash drive through KP001V19 is vulnerable to an authentication bypass attack that enables an attacker to gain access to the stored encrypted data. Normally, the encrypted disk partition with this data is unlocked by entering the correct passcode 6 to...

Authentication flaw

Due to an insecure design, the Lepin EP-KP001 flash drive through KP001V19 is vulnerable to an authentication bypass attack that enables an attacker to gain access to the stored encrypted data. Normally, the encrypted disk partition with this data is unlocked by entering the correct passcode 6 to...

CVE-2022-29948

CVE-2022-29948 affects Lepin EP-KP001 (KP001_V19) USB flash drive. The root cause is insecure hardware design allowing an attacker to bypass password authentication by replacing the device’s microcontroller with one controlled by the attacker, whose passcode is known. This enables unlocking the e...

PT-2022-19929 · Lepin · Lepin Ep-Kp001

Name of the Vulnerable Software and Affected Versions: Lepin EP-KP001 versions through KP001 V19 Description: The issue is due to an insecure design, allowing an authentication bypass attack. This enables an attacker to gain access to stored encrypted data by replacing the microcontroller on a...

Buffer overflow

NXP LPC55S66JBD64, LPC55S66JBD100, LPC55S66JEV98, LPC55S69JBD64, LPC55S69JBD100, and LPC55S69JEV98 microcontrollers ROM version 1B have a buffer overflow in parsing SB2 updates before the signature is verified. This can allow an attacker to achieve non-persistent code execution via a crafted...

Nxp Semiconductors Nxp Lpc55S69 安全漏洞

The Nxp Semiconductors Nxp Lpc55S69 is a development board from Nxp Semiconductors, Netherlands. It is used to add off-the-shelf add-on boards for networking, sensors, displays and other interfaces. A security vulnerability exists in the Nxp Semiconductors Nxp Lpc55S69, which originates from a...

Realtek RTL8195AM Buffer Overflow Vulnerability

The Realtek RTL8195AM is an IoT microcontroller from Realtek Semiconductor Taiwan, China.The buffer overflow vulnerability exists in versions prior to Realtek RTL8195AM 2.0.10, which stems from the lack of effective handling of large text lengths in the software, resulting in a stack buffer...

Renesas Electronics Renesas RX65和RX65N 安全漏洞

The Renesas Electronics Renesas Rx65 and Renesas Rx65N are both a mainstream Rx microcontroller from Renesas Electronics, Japan. The Renesas Electronics Renesas RX65 and RX65N devices have a security vulnerability that allows an attacker to extract a security ID key from the device via a VCC faul...

CVE-2021-34399

NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed registers, which may lead to information disclosure...

CVE-2021-1088

NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to utilize debug mechanisms with insufficient access control, which may lead to information disclosure...

CVE-2021-1105

NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to access debug registers during runtime, which may lead to information disclosure...

CVE-2021-23219

NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to access protected information by identifying, exploiting, and loading vulnerable microcode. Such an attack may lead to information disclosure...

CVE-2021-1125

NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to corrupt program data...

CVE-2021-23201

NVIDIA GPU and Tegra hardware contain a vulnerability in an internal microcontroller, which may allow a user with elevated privileges to generate valid microcode by identifying, exploiting, and loading vulnerable microcode. Such an attack could lead to information disclosure, data corruption, or...

Hardcoded credentials

NVIDIA GPU and Tegra hardware contain a vulnerability in an internal microcontroller, which may allow a user with elevated privileges to generate valid microcode by identifying, exploiting, and loading vulnerable microcode. Such an attack could lead to information disclosure, data corruption, or...