33 matches found
Attack Against PC Thunderbolt Port
The attack requires physical access to the computer, but it's pretty devastating: On Thunderbolt-enabled Windows or Linux PCs manufactured before 2019, his technique can bypass the login screen of a sleeping or locked computer -- and even its hard disk encryption -- to gain full access to the...
Inside the Hidden World of Elevator Phone Phreaking
Eavesdropping, reprogramming, talking to strangers: Welcome to the harmless and not-so-harmless fun of hacking elevator call boxes...
Design/Logic Flaw
Marvell SSD Controller 88SS1074, 88SS1079, 88SS1080, 88SS1093, 88SS1092, 88SS1095, 88SS9174, 88SS9175, 88SS9187, 88SS9188, 88SS9189, 88SS9190, 88SS1085, 88SS1087, 88SS1090, 88SS1100, 88SS1084, 88SS1088, & 88SS1098 devices allow reprogramming flash memory to bypass the secure boot protection...
CVE-2019-10636
Marvell SSD Controller 88SS1074, 88SS1079, 88SS1080, 88SS1093, 88SS1092, 88SS1095, 88SS9174, 88SS9175, 88SS9187, 88SS9188, 88SS9189, 88SS9190, 88SS1085, 88SS1087, 88SS1090, 88SS1100, 88SS1084, 88SS1088, & 88SS1098 devices allow reprogramming flash memory to bypass the secure boot protection...
CVE-2019-10636
CVE-2019-10636 affects Marvell SSD Controller devices (88SS10xx family) and enables reprogramming of flash memory to bypass the secure boot protection mechanism. The description lists numerous controller variants (e.g., 88SS1074/1079/1080/1093/1092/1095/9174/9175/9187/9188/9189/9190/1085/1087/109...
CVE-2018-17923
SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to an attack that an attacker with physical access to the product may able to reprogram it...
Code injection
SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to an attack that an attacker with physical access to the product may able to reprogram it...
CVE-2018-17923
The connected reports confirm a concrete vulnerability in GAIN Electronic’s SAGA1-L8B firmware prior to A0.10. The root cause is in the device programming mechanism, allowing an attacker with physical access to bypass authentication and reprogram the firmware. ZDI-18-1318 notes this can enable fi...
CVE-2013-2820
The Sierra Wireless AirLink Raven X EV-DO gateway 42214.0.11.003 and 42284.0.11.003 allows remote attackers to reprogram the firmware via a replay attack using UDP ports 17336 and 17388...
CVE-2013-2819
The Sierra Wireless AirLink Raven X EV-DO gateway 42214.0.11.003 and 42284.0.11.003 allows remote attackers to install Trojan horse firmware by leveraging cleartext credentials in a crafted 1 update or 2 reprogramming action...
Design/Logic Flaw
The Sierra Wireless AirLink Raven X EV-DO gateway 42214.0.11.003 and 42284.0.11.003 allows remote attackers to reprogram the firmware via a replay attack using UDP ports 17336 and 17388...
CVE-2013-2820
The Sierra Wireless AirLink Raven X EV-DO gateway 42214.0.11.003 and 42284.0.11.003 allows remote attackers to reprogram the firmware via a replay attack using UDP ports 17336 and 17388...
Sierra Wireless industrial gateways security vulnerabilities
A wireless gateway suitable for a number of industrial applications is vulnerable to remote exploit because of a lack of encryption in its update and reprogramming processes, an advisory from the Industrial Control Systems Cyber Emergency Response Team said yesterday. The Sierra Wireless AirLink...