CVE-2022-32506

An issue was discovered on certain Nuki Home Solutions devices. An attacker with physical access to the circuit board could use the SWD debug features to control the execution of code on the processor and debug the firmware, as well as read or alter the content of the internal and external flash...

CVE-2022-32506

Summary: CVE-2022-32506 relates to Nuki Smart Lock firmware where the root cause involves BLE command access that can be misused. Connected document details (RH entry) describe that some BLE commands, which should be restricted to privileged accounts, could be invoked by unprivileged accounts. Af...

Design/Logic Flaw

fastrack Reflex 2.0 W307SREFLEXv90.89 Activity Tracker allows physically proximate attackers to dump the firmware, flash custom malicious firmware, and brick the device via the Serial Wire Debug SWD feature...

CVE-2021-35954

fastrack Reflex 2.0 W307SREFLEXv90.89 Activity Tracker allows physically proximate attackers to dump the firmware, flash custom malicious firmware, and brick the device via the Serial Wire Debug SWD feature...

CVE-2021-35954

CVE-2021-35954 affects fastrack Reflex 2.0 W307S_REFLEX_v90.89 Activity Tracker. Affected component: Serial Wire Debug (SWD) feature enables physically proximate attackers to dump firmware, flash custom malicious firmware, and brick the device. Base CVSS v3.1 score 8.1 (HIGH) with ADJACENT attack...

CVE-2017-18347

Incorrect access control in RDP Level 1 on STMicroelectronics STM32F0 series devices allows physically present attackers to extract the device's protected firmware via a special sequence of Serial Wire Debug SWD commands because there is a race condition between full initialization of the SWD...

CVE-2017-18347

CVE-2017-18347 affects STMicroelectronics STM32F0 series devices; the root cause is a race condition between full SWD interface initialization and flash protection setup, enabling physically present attackers to extract protected firmware via a specific SWD command sequence on Level 1 RDP. The co...