24 matches found
CVE-2025-65829
The ESP32 system on a chip (SoC) that powers the Meatmeet basestation device was found to lack Secure Boot. The Secure Boot feature ensures that only authenticated software can execute on the device. The Secure Boot process forms a chain of trust by verifying all mutable software entities involved ...
CVE-2025-37147
A Secure Boot Bypass Vulnerability exists in affected Access Points that allows an adversary to bypass the hardware root of trust verification in place to ensure only vendor-signed firmware can execute on the device. An adversary can exploit this vulnerability to run modified or custom firmware o...
CVE-2025-37147 Secure Boot Bypass allows for Compromise of Hardware Root of Trust
A Secure Boot Bypass Vulnerability exists in affected Access Points that allows an adversary to bypass the hardware root of trust verification in place to ensure only vendor-signed firmware can execute on the device. An adversary can exploit this vulnerability to run modified or custom firmware o...
EUVD-2024-48174
Malicious code in bioql PyPI...
CVE-2025-59408
The CVE-2025-59408 entry refers to Flock Safety Bravo Edge AI Compute Device BRAVO_00.00_local_20241017 with Secure Boot disabled, enabling modification of firmware without cryptographic protections. The NVD/NVD-derived descriptions confirm the device can be flashed with modified firmware due to ...
SICK InspectorP61x and SICK InspectorP62x Security Vulnerability
The SICK InspectorP61x and SICK InspectorP62x are both ultra-compact industrial 2D vision sensors from SICK, Germany. A security vulnerability exists in the SICK InspectorP61x version prior to 5.0.0 and InspectorP62x version prior to 5.0.0, which stems from an unverified firmware update that allo...
PT-2024-16532 · Device · Device
Name of the Vulnerable Software and Affected Versions: Device (affected versions not specified). Description: The issue arises from unvalidated firmware updates, allowing an attacker to install modified firmware on the device. This has a significant impact on availability, integrity, and...
CVE-2024-7206
An SSL pinning bypass in some eWeLink hardware products allows a local attacker to decrypt TLS communication and extract secrets to clone the device by flashing modified firmware...
CVE-2024-7206 Firmware extraction and Hardware SSL Pinning Bypass
An SSL pinning bypass in some eWeLink hardware products allows a local attacker to decrypt TLS communication and extract secrets to clone the device by flashing modified firmware...
CVE-2024-7206
CVE-2024-7206 corresponds to a vulnerability in eWeLink hardware where SSL pinning can be bypassed. The connected sources indicate that a local attacker can decrypt TLS communications and extract secrets to clone the device by flashing modified firmware. The CNNVD entry specifies the vulnerabilit...
Exploit for CVE-2024-44610
CVE-2024-44610: PEAK PCAN-Ethernet Gateway FD DR Authenticated...
CVE-2023-5984
A CWE-494 Download of Code Without Integrity Check vulnerability exists that could allow modified firmware to be uploaded when an authorized admin user begins a firmware update procedure which could result in full control over the device...
Schneider Electric ION8650 and ION8800 Security Vulnerabilities
The Schneider Electric ION8650 and Schneider Electric ION8800 are both next-generation outlet and switchboard meters for utility network monitoring from Schneider Electric France. A security vulnerability exists in the Schneider Electric ION8650 and ION8800 that stems from the presence of a code...
BD Alaris System with Guardrails Suite MX
1. EXECUTIVE SUMMARY. CVSS v3: 8.2. ATTENTION: Low attack complexity. Vendor: Becton, Dickinson and Company (BD). Equipment: Alaris PCU, Guardrails Editor, Systems Manager, Calculation Services, CQI Reporter. Vulnerabilities: Insufficient Verification of Data Authenticity, Missing...
CVE-2023-28337
When uploading a firmware image to a Netgear Nighthawk Wifi6 Router RAX30, a hidden “forceFWUpdate” parameter may be provided to force the upgrade to complete and bypass certain validation checks. End users can use this to upload modified, unofficial, and potentially malicious firmware to the...
Design/Logic Flaw
The signature check in the Nokia ASIK AirScale system module version 474021A.101 can be bypassed allowing an attacker to run modified firmware. This could result in the execution of a malicious kernel, arbitrary programs, or modified Nokia programs...
PT-2023-12768 · Nokia · Nokia Asik Airscale System Module
Name of the Vulnerable Software and Affected Versions: Nokia ASIK AirScale system module version 474021A.101. Description: The signature check in the Nokia ASIK AirScale system module can be bypassed, allowing an attacker to run modified firmware. This could result in the execution of a malicious...