PT-2026-45914

SWUpdate before 2026.05 is affected by a time-of-check time-of-use TOCTOU race condition that allows local unprivileged attackers to escalate privileges to root or install untrusted contents using a signed update...

CVE-2026-40094 nimiq-blockchain: network-libp2p untrusted peer can crash address book via empty peer contact addresses

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In versions 1.3.0 and prior, network-libp2p discovery accepts signed PeerContact updates from untrusted peers and stores them in a peer contact book, eventually leading to address book crash. A PeerContact can...

Keenadu Firmware Backdoor Infects Android Tablets via Signed OTA Updates

A new Android backdoor that's embedded deep into the device firmware can silently harvest data and remotely control its behavior, according to new findings from Kaspersky. The Russian cybersecurity vendor said it discovered the backdoor, dubbed Keenadu , in the firmware of devices associated with...

CVE-2025-34503

Deck Mate 1 executes firmware directly from an external EEPROM without verifying authenticity or integrity. An attacker with physical access can replace or reflash the EEPROM to run arbitrary code that persists across reboots. Because this design predates modern secure-boot or signed-update...

CVE-2025-34503 Shuffle Master Deck Mate 1 Unauthenticated EEPROM Firmware Execution

Deck Mate 1 executes firmware directly from an external EEPROM without verifying authenticity or integrity. An attacker with physical access can replace or reflash the EEPROM to run arbitrary code that persists across reboots. Because this design predates modern secure-boot or signed-update...

PT-2025-43689

Name of the Vulnerable Software and Affected Versions Deck Mate 1 affected versions not specified Description Deck Mate 1 executes firmware directly from an external EEPROM without verifying its authenticity or integrity. An attacker with physical access can replace or reflash the EEPROM to execu...

Files or Directories Accessible to External Parties

Overview Affected versions of this package are vulnerable to Files or Directories Accessible to External Parties via the signing verification process, allowing an attacker to replace an existing signed update with another payload and bypass Sparkle’s EdDSA signing checks. Remediation Upgrade...

UBUNTU-CVE-2025-0509

A security issue was found in Sparkle before version 2.6.4. An attacker can replace an existing signed update with another payload, bypassing Sparkle’s EdDSA signing checks...

Warning: ASUS Software Update Server Hacked to Distribute Malware

Remember the CCleaner hack? CCleaner hack was one of the largest supply chain attacks that infected more than 2.3 million users with a backdoored version of the software in September 2017. Security researchers today revealed another massive supply chain attack that compromised over 1 million...

Design/Logic Flaw

The auto-update feature of Open Embedded Linux Entertainment Center OpenELEC 6.0.3, 7.0.1, and 8.0.4 uses neither encrypted connections nor signed updates. A man-in-the-middle attacker could manipulate the update packages to gain root access remotely...

CVE-2017-6445

OpenELEC has a CVE-2017-6445 issue affecting the auto-update feature in OpenELEC 6.0.3, 7.0.1, and 8.0.4. The update process uses neither encrypted connections nor signed updates, enabling a man-in-the-middle attacker to tamper with update packages and gain root access remotely. The description a...

Inside The Google Chrome OS Security Model

Google plans to use a combination of system hardening, process isolation, verified boot, secure auto-update and encryption to thwart malicious hackers from planting malware on its new Google Chrome OS. Much like the Google Chrome browser, the operating system will use process sandboxing as the ke...