Espressif esp32 has an unspecified vulnerability

Espressif ESP32 is a microcontroller from China Lexin Information Technology Espressif. espressif esp32 has a security vulnerability that allows an attacker to cause a denial of service and kernel crash via a misformatted beacon csa frame...

Realtek RTL8710 Buffer Overflow Vulnerability (CNVD-2021-56811)

The Realtek RTL8710 is an IoT microcontroller from Realtek Semiconductor Taiwan, China.The Realtek RTL8710 suffers from a buffer overflow vulnerability that could be exploited by attackers to remotely execute code via the "memcpy" function...

Realtek RTL8710 Buffer Overflow Vulnerability

The Realtek RTL8710, an IoT microcontroller from Realtek Semiconductor Taiwan, China, suffers from a buffer overflow vulnerability that could be exploited to send a manual "Encrypted GTK" value as part of a as part of a WPA2 4-way handshake...

Zephyr 安全漏洞

Zephyr is an open source, small, scalable real-time operating system. Zephyr suffers from a security vulnerability that stems from the fact that when setup in conjunction with littlefs, MCUmgr can be used to extract all security-related information from the device. No details of the vulnerability...

CVE-2020-12061

An issue was discovered in Nitrokey FIDO U2F firmware through 1.1. Communication between the microcontroller and the secure element transmits credentials in plain. This allows an adversary to eavesdrop the communication and derive the secrets stored in the microcontroller. As a result, the attack...

CVE-2020-12061

An issue was discovered in Nitrokey FIDO U2F firmware through 1.1. Communication between the microcontroller and the secure element transmits credentials in plain. This allows an adversary to eavesdrop the communication and derive the secrets stored in the microcontroller. As a result, the attack...

CVE-2020-12061

An issue was discovered in Nitrokey FIDO U2F firmware through 1.1. Communication between the microcontroller and the secure element transmits credentials in plain. This allows an adversary to eavesdrop the communication and derive the secrets stored in the microcontroller. As a result, the attack...

PT-2021-9436 · Nitrokey · Nitrokey Fido U2F

Name of the Vulnerable Software and Affected Versions: Nitrokey FIDO U2F firmware versions through 1.1 Description: An issue in the communication between the microcontroller and the secure element allows an adversary to eavesdrop and derive secrets stored in the microcontroller, enabling arbitrar...

CVE-2021-22677

An integer overflow exists in the APIs of the host MCU while trying to connect to a WIFI network may lead to issues such as a denial-of-service condition or code execution on the SimpleLink Wi-Fi MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK versions prior to...

Texas Instruments TI-RTOS-MCU 输入验证错误漏洞

The Texas Instruments TI-RTOS-MCU is an application system from Texas Instruments, Inc. A real-time operating system RTOS for microcontrollers MCUs. The Texas Instruments TI-RTOS-MCU has an input validation error vulnerability that originates from returning a valid pointer to a small buffer on a...

Texas Instruments SimpleLink 输入验证错误漏洞

Texas Instruments SimpleLink is an ultra-low power wireless microcontroller from Texas Instruments. An integer overflow or wrap-around vulnerability exists in multiple Texas Instruments products that originates from an integer overflow in the host MCU's api when attempting to connect to a WIFI...

PT-2021-2224 · Silicon · Uc/Tcp-Ip

Name of the Vulnerable Software and Affected Versions: Silicon Labs uC/TCP-IP version 3.6.0 Description: The issue is related to the improper randomness of TCP Initial Sequence Numbers ISNs in the stack protocol used by uC/OS and uC/TCP-IP. This could allow a remote attacker to gain unauthorized...

Realtek RTL8195A Buffer Overflow Vulnerability

The Realtek RTL8195A is an IoT microcontroller from Realtek Semiconductor Taiwan, China.A buffer overflow vulnerability exists in versions prior to the Realtek RTL8195A 2.08, which could be exploited by an attacker to inject crafted packets into a WPA2 handshake to emulate an access point and...

Realtek RTL8195A Buffer Overflow Vulnerability (CNVD-2021-56817)

The Realtek RTL8195A is an IoT microcontroller from Realtek Semiconductor Taiwan, China.A buffer overflow vulnerability exists in versions prior to the Realtek RTL8195A 2.08, which could be exploited by an attacker to inject crafted packets into a WPA2 handshake to emulate an access point and...

Realtek RTL8195A Buffer Overflow Vulnerability (CNVD-2021-56814)

The Realtek RTL8195A is an IoT microcontroller from Realtek Semiconductor Taiwan, China.A buffer overflow vulnerability exists in versions prior to the Realtek RTL8195A 2.08, which could be exploited by an attacker to inject crafted packets into a WPA2 handshake to emulate an access point and...

Realtek RTL8195A Buffer Overflow Vulnerability (CNVD-2021-56815)

The Realtek RTL8195A is an IoT microcontroller from Realtek Semiconductor Taiwan, China.A buffer overflow vulnerability exists in versions prior to the Realtek RTL8195A 2.08, which could be exploited by an attacker to inject crafted packets into a WPA2 handshake to emulate an access point and...

Realtek RTL8195A Buffer Overflow Vulnerability (CNVD-2021-56816)

The Realtek RTL8195A is an IoT microcontroller from Realtek Semiconductor Taiwan, China.A buffer overflow vulnerability exists in versions prior to the Realtek RTL8195A 2.08, which could be exploited by an attacker to inject crafted packets into a WPA2 handshake to emulate an access point and...

Gigadevice GD32F103 Code Execution Vulnerability

The Gigadevice GD32F103 is a Mega Easy microcontroller device. The Gigadevice GD32F103 security protection suffers from a code execution vulnerability that can be exploited by a physically-accessible attacker to submit a special request, redirect control flow and execute arbitrary code...

Buffer Overflow Vulnerability in Multiple Realtek Products

Realtek RTL8195AM and others are an IoT microcontroller from Realtek Semiconductor Taiwan, China. A buffer overflow vulnerability exists in several Realtek products. A remote attacker can exploit this vulnerability to execute arbitrary code on a system with the help of specially crafted EAPOL-Key...

ThunderSpy

A combination of vulnerabilities for the Thunderbolt protocol have been announced that allow a malicious actor to access most machines with a Thunderbolt port and bypass security restrictions on the device. Recent assessments: agalauner-r7 at May 11, 2020 4:37pm UTC reported: The risks of DMA...