The vulnerability of microprogramming software in media devices from Valve’s Steam Link, related to the reduction of passwords to 8 characters, allows attackers to gain access to the device with root privileges.

The vulnerability of microprogramming software in media devices from Valve’s Steam Link stems from the fact that the password for the root account is shortened to 8 characters due to the use of the cryptographic protocol DES. Exploiting this vulnerability allows a malicious actor to gain access t...

Multiple vulnerabilities in the Intel Management Engine subsystem of the Microprogramming Software for the Platform Controller Hub family, which allow attackers to enhance their privileges

The multiple vulnerabilities of the Intel Management Engine sub-system within the microprogramming software of the Platform Controller Hub PCH family, which serve as south bridges, are caused by buffer overflows. These vulnerabilities are related to deficiencies in access control. Exploiting thes...

Multiple vulnerabilities in the Intel Server Platform Services (SPS) subsystem of the Platform Controller Hub microprogramming system, which allow unauthorized code to be executed

The multiple vulnerabilities of the Intel Server Platform Services SPS subsystem, which are part of the Platform Controller Hub PCH microcontroller-based software family and serve as south bridges, are caused by buffer overflows. Exploitation of these vulnerabilities could allow an attacker to...

The vulnerability of the implementation of the direct authentication service for microprogramming software in Cisco Adaptive Security Appliance (ASA) allows a attacker to cause a service failure.

The vulnerability of the direct authentication service for microprogramming software in Cisco Adaptive Security Appliance ASA devices is related to insufficient checking of HTTP request headers. Exploiting this vulnerability can allow a malicious actor to trigger a system reboot and a service...

The vulnerability of microprogramming software that uses UEFI (BIOS) stems from improper handling of code generation, allowing attackers to bypass System Protection mechanisms such as Device Guard and Hyper-V.

The vulnerability of microprogramming software that uses UEFI BIOS in Lenovo products is related to improper code generation. Exploiting this vulnerability allows a malicious actor, whether operating remotely with administrator privileges or locally, to execute specially crafted code that bypasse...

The vulnerability of the Samsung Galaxy S4’s microprogrammed software driver allows a perpetrator to cause a service failure or gain increased privileges.

The vulnerability of the Samsung ExtDisp driver for kernel version 3.4 or earlier in the microprogramming software of the Samsung Galaxy S4 device is caused by a buffer overflow. Exploiting this vulnerability can allow an attacker to cause a service failure memory corruption or gain elevated...

The vulnerability of the OEM microprogramming software component of Qualcomm Secure Execution Environment allows a perpetrator to trigger a service failure or exert other effects on the system.

The vulnerability of the OEM microprogramming software component of Qualcomm Secure Execution Environment for Android, originating from the CAF repository, is related to buffer overflow attacks. Exploiting this vulnerability can allow a malicious actor to trigger service failures or cause other...

The vulnerability of Qualcomm’s TrustZone microprogramming software technology, which allows attackers to circumvent existing access control policies.

The vulnerability of Qualcomm’s TrustZone microprogramming software lies in a numerical overflow condition that causes an operation to escape outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to bypass existing access control policies...

The vulnerability of the microprogramming software in Broadcom’s Linux operating system Wi-Fi kernels allows a hacker to execute arbitrary code.

The vulnerability of Broadcom’s Linux operating system Wi-Fi kernel microprogramming software is related to deficiencies in access control for certain functions. Exploiting this vulnerability allows a malicious actor to execute arbitrary code within the context of a single-Chip Wi-Fi system...

The vulnerability of microprogramming software on motherboards with Intel chips allows a hacker to gain control over the system.

The vulnerability of the SMM driver in the AMI USB-Rt microprogramming system for motherboards with Intel chips is related to errors in the operation of the SMI system interrupt handler. Exploiting this vulnerability allows a local attacker to gain full control over the system—by disabling the...

The vulnerability of Cisco Adaptive Security Appliance’s microprogramming software allows a perpetrator to bypass the access control list configuration.

The vulnerabilities of the Border Gateway Protocol BGP and Bidirectional Forwarding Detection BFD components of the Cisco Adaptive Security Appliance software-related networking devices are related to deficiencies in access control for certain functions. Exploiting these vulnerabilities can allow...

The vulnerability of the microprogramming software of the Cisco TelePresence Server allows a hacker to simulate the endpoints of the server.

The vulnerability of the Privilege software interface of the Cisco TelePresence Server control device’s microprogramming system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to simulate the behavior of the server’s endpoints remotely...

The vulnerability of Cisco Adaptive Security Appliance’s microprogramming software allows a perpetrator to trigger a service failure or execute arbitrary code.

The vulnerability of Cisco Adaptive Security Appliance’s microprogramming software is caused by buffer overflow. Exploiting this vulnerability allows a malicious actor, who operates remotely and has completed the authentication process, to trigger a service failure device reboot or execute...

The vulnerability of the microprogramming software of the Cisco TelePresence Video Communication Server allows a perpetrator to bypass the authentication process.

The vulnerability of the Mobile and Remote Access MRA component of the Cisco TelePresence Video Communication Server software exists due to insufficient verification of input data. Exploiting this vulnerability could allow a malicious actor to bypass authentication procedures using a trusted...

The vulnerability of the microprogramming software of Cisco RV130W, Cisco RV215W, and Cisco RV110W allows a hacker to inject arbitrary Web or HTML code.

The vulnerability of the web interface configuration of microprogramming software for Cisco RV130W, Cisco RV215W, and Cisco RV110W exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to inject arbitrary Web or...

The vulnerability of the microprogramming software in the Solar-Log photovoltaic system allows a remote attacker to gain unauthorized access to confidential information.

The vulnerability of the Microprogramming Software in the Solar-log photovoltaic system arises from the lack of password protection for CGI scripts used for data backup, restoration, and system configuration. Exploiting this vulnerability allows a malicious individual to gain unauthorized access ...

The vulnerability of microprogramming software in IBM and Lenovo laptops allows attackers to gain access to confidential information.

The microprogramming software of IBM and Lenovo laptops does not perform buffer cleanup after the password input process is completed. As a result, local malicious individuals can gain access to the BIOS password by directly reading the physical memory addresses used as buffers...

Vulnerability of Intel motherboard’s microprogramming software, allowing local malicious actors to alter computer operating parameters

Intel motherboard microprogramming software does not limit access to the menu for selecting the boot device. As a result, a local malicious individual can modify the default boot device without going through the authentication process...

The vulnerability of Lexmark’s microprogramming software allows a hacker to obtain confidential information.

The vulnerability of Lexmark’s microprogramming software is related to the lack of protection for operational data. Exploiting this vulnerability can allow a local attacker to obtain confidential information by directly reading data from non-volatile memory...

The vulnerability of the microprogramming software of the SysLINK M2M Modular Gateway allows a perpetrator to gain access to the device.

The vulnerability of the web interface of the SysLINK M2M Modular Gateway software lies in the use of a default password. Exploiting this vulnerability could allow an attacker to gain access to the device remotely...