CVE-2024-21944
Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to potentially overwrite guest memory resulting in loss of guest data integri...
CVE-2024-21944
CVE-2024-21944 maps to an AMD SEV-SNP/ASP issue where SPD metadata can be improperly validated. Research shows BadRAM-style exploits that can cause a memory module to misreport its size, enabling a local attacker with ring0 or physical access to overwrite guest memory and compromise guest data integri...
LLM Scalability Risk for Agentic-AI and Model Supply Chain Security
Large Language Models (LLMs) and Generative AI are transforming cybersecurity, enabling both advanced defenses and new attacks. Organizations now use LLMs for threat detection, code review, and DevSecOps automation, while adversaries leverage them to produce malware and run targeted social-engineeri...
CVE-2026-20962
Use of uninitialized resource in Dynamic Root of Trust for Measurement (DRTM) allows an authorized attacker to disclose information locally...
CVE-2026-20962 Dynamic Root of Trust for Measurement (DRTM) Information Disclosure Vulnerability
...
CVE-2026-20962
CVE-2026-20962 is described as a local information-disclosure vulnerability in the Dynamic Root of Trust for Measurement (DRTM) mechanism. The initial and connected sources indicate an issue arising from use of an uninitialized resource, allowing an authorized attacker with local access to disclo...
Dynamic Root of Trust for Measurement (DRTM) Information Disclosure Vulnerability
Use of uninitialized resource in Dynamic Root of Trust for Measurement (DRTM) allows an authorized attacker to disclose information locally...
PT-2026-2759
Name of the Vulnerable Software and Affected Versions: versions prior to 2.3. Description: The use of an uninitialized resource in Dynamic Root of Trust for Measurement (DRTM) can allow an authorized attacker to disclose information locally. This issue allows attackers to obtain sensitive information...
CVE-2022-38773
Affected devices do not contain an Immutable Root of Trust in Hardware. As a result, the integrity of the code executed on the device cannot be validated at load time. An attacker with physical access to the device could use this to replace the boot image of the device and execute arbitrary cod...
A Single-Root, Multi-Curve, Context-Isolated, PQC-Pluggable Cryptographic Identity Primitive with Stateless Secret Rotation
Cryptographic identity anchors modern decentralized systems, yet current standards like BIP-39 and BIP-32 are structurally insufficient for the demands of multi-curve, multi-domain, and post-quantum (PQC) environments. These legacy schemes rely on a monolithic identity root with no inherent context...
PT-2025-44225
Name of the Vulnerable Software and Affected Versions: Supermicro BMC firmware, affected versions not specified. Description: The Supermicro BMC firmware contains a flaw in its validation logic. An attacker can exploit this to update the system firmware with a specially crafted image...
CVE-2025-37147
A Secure Boot Bypass Vulnerability exists in affected Access Points that allows an adversary to bypass the hardware root of trust verification in place to ensure only vendor-signed firmware can execute on the device. An adversary can exploit this vulnerability to run modified or custom firmware o...
EUVD-2025-34253
A Secure Boot Bypass Vulnerability exists in affected Access Points that allows an adversary to bypass the hardware root of trust verification in place to ensure only vendor-signed firmware can execute on the device. An adversary can exploit this vulnerability to run modified or custom firmware o...
CVE-2025-37147
CVE-2025-37147 describes a Secure Boot Bypass affecting ArubaOS Aruba Access Points, allowing bypass of the hardware root of trust verification and enabling execution of modified or custom firmware. The vulnerability is supported by multiple sources among the connected documents, which identify the ...
CVE-2025-37147 Secure Boot Bypass allows for Compromise of Hardware Root of Trust
A Secure Boot Bypass Vulnerability exists in affected Access Points that allows an adversary to bypass the hardware root of trust verification in place to ensure only vendor-signed firmware can execute on the device. An adversary can exploit this vulnerability to run modified or custom firmware o...