15 matches found
CVE-2017-18347
Incorrect access control in RDP Level 1 on STMicroelectronics STM32F0 series devices allows physically present attackers to extract the device's protected firmware via a special sequence of Serial Wire Debug SWD commands because there is a race condition between full initialization of the SWD...
CVE-2025-36753
The SWD debug interface on the Growatt ShineLan-X communication dongle is available by default, allowing an attacker to attain debug access to the device and to extracting secrets or domains from within the device...
EUVD-2025-203255
The SWD debug interface on the Growatt ShineLan-X communication dongle is available by default, allowing an attacker to attain debug access to the device and to extracting secrets or domains from within the device...
CVE-2025-36753
The SWD debug interface on the Growatt ShineLan-X communication dongle is available by default, allowing an attacker to attain debug access to the device and to extracting secrets or domains from within the device...
CVE-2025-36753
The CVE-2025-36753 entry concerns the Growatt ShineLan-X dongle with the SWD debug interface enabled by default. The exposed SWD interface allows an attacker to gain debug access and potentially extract secrets or domains from the device. The root cause is the default-access SWD debug interface; ...
CVE-2025-36753 SWD Interface Open on Growatt ShineLan-X
The SWD debug interface on the Growatt ShineLan-X communication dongle is available by default, allowing an attacker to attain debug access to the device and to extracting secrets or domains from within the device...
Growatt ShineLan-X 安全漏洞
Growatt ShineLan-X is a data logger for PV inverters from Growatt China. A security vulnerability exists in Growatt ShineLan-X, which stems from the SWD debugging interface enabled by default and could lead to the extraction of device secrets or domains...
EUVD-2017-9472
Malware in sbrugna...
EUVD-2021-22589
Malware in sbrugna...
CVE-2021-35954
fastrack Reflex 2.0 W307SREFLEXv90.89 Activity Tracker allows physically proximate attackers to dump the firmware, flash custom malicious firmware, and brick the device via the Serial Wire Debug SWD feature...
CVE-2021-35954
fastrack Reflex 2.0 W307SREFLEXv90.89 Activity Tracker allows physically proximate attackers to dump the firmware, flash custom malicious firmware, and brick the device via the Serial Wire Debug SWD feature...
CVE-2021-35954
fastrack Reflex 2.0 W307SREFLEXv90.89 Activity Tracker allows physically proximate attackers to dump the firmware, flash custom malicious firmware, and brick the device via the Serial Wire Debug SWD feature...
PT-2022-10481 · Unknown · Fastrack Reflex 2.0
Name of the Vulnerable Software and Affected Versions: fastrack Reflex 2.0 W307S REFLEX v90.89 Activity Tracker version 90.89 Description: The issue allows physically proximate attackers to dump the firmware, flash custom malicious firmware, and brick the device via the Serial Wire Debug SWD...
CVE-2017-18347
Incorrect access control in RDP Level 1 on STMicroelectronics STM32F0 series devices allows physically present attackers to extract the device's protected firmware via a special sequence of Serial Wire Debug SWD commands because there is a race condition between full initialization of the SWD...
CVE-2017-18347
CVE-2017-18347 affects STMicroelectronics STM32F0 series devices; the root cause is a race condition between full SWD interface initialization and flash protection setup, enabling physically present attackers to extract protected firmware via a specific SWD command sequence on Level 1 RDP. The co...