13 matches found
PT-2025-15340
Name of the Vulnerable Software and Affected Versions: Galaxy Watch versions prior to SMR Apr-2025 Release 1 Description: The issue is related to improper authorization in the wireless download protocol, allowing physical attackers to update the device unique identifier of Watch devices. This cou...
PT-2025-6173 · Wattsense · Wattsense Bridge
Name of the Vulnerable Software and Affected Versions: Wattsense Bridge devices versions prior to BSP 6.4.1 Description: A serial interface can be accessed with physical access to the PCB of Wattsense Bridge devices. After connecting to the interface, access to the bootloader is possible, as well...
PT-2024-7445 · Samsung · Samsung Android
Name of the Vulnerable Software and Affected Versions: Samsung Android mobile devices affected versions not specified Samsung Android mobile devices versions prior to SMR May-2024 Release 1 Description: The issue is related to weaknesses in the authentication procedure of the bootloader component...
Mitsubishi Electric MELSEC iQ-F Series Insufficient Resource Pool (CVE-2023-7033)
Insufficient Resource Pool vulnerability in Ethernet function of Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules allows a remote attacker to cause a temporary Denial of Service condition for a certain period of time in Ethernet communication of the products by performing TCP SYN...
PT-2023-27129 · Unknown · Suleve 5-In-1 Smart Door Lock
Name of the Vulnerable Software and Affected Versions: Suleve 5-in-1 Smart Door Lock version v1.0 Description: The issue is related to missing encryption in the RFID tag of the Suleve 5-in-1 Smart Door Lock, which allows attackers to create a cloned tag via brief physical proximity to the origina...
PT-2023-4274 · Unknown · Cp-8050 Master Module +1
Name of the Vulnerable Software and Affected Versions: CP-8031 MASTER MODULE versions prior to CPCI85 V05 CP-8050 MASTER MODULE versions prior to CPCI85 V05 Description: A vulnerability has been identified that involves the use of hard-coded credentials in the firmware of the affected devices. Th...
PT-2023-22650 · Shenzen Tenda Technology · Tenda Ip Camera Cp3
Name of the Vulnerable Software and Affected Versions: Shenzen Tenda Technology IP Camera CP3 version V11.10.00.2211041355 Description: The issue concerns physical access to U-Boot via the UART, where the Wi-Fi password is exposed, and a hardcoded boot password can be used for console access...
Mitsubishi Electric GT SoftGOT2000
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: GT SoftGOT2000 Vulnerability: Operating System OS Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...
CVE-2022-3312
Insufficient validation of untrusted input in VPN in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a local attacker to bypass managed device restrictions via physical access to the device. Chromium security severity: Medium...
PT-2022-19929 · Lepin · Lepin Ep-Kp001
Name of the Vulnerable Software and Affected Versions: Lepin EP-KP001 versions through KP001 V19 Description: The issue is due to an insecure design, allowing an authentication bypass attack. This enables an attacker to gain access to stored encrypted data by replacing the microcontroller on a...
Medium: gnome-shell
Issue Overview: It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions. CVE-2019-3820 Affected...
Information disclosure
The issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 13. A person with physical access to an iOS device may be able to access contacts from the lock screen...
Capsule Technologies SmartLinx Neuron 2 restricted environment protection mechanism failure vulnerability
Summary A restricted environment escape vulnerability exists in the “kiosk mode” function of Capsule Technologies SmartLinx Neuron 2 medical information collection devices running versions 9.0.3 or lower. A specific series of keyboard inputs can escape the restricted environment, resulting in ful...