CVE-2026-1408

CVE-2026-1408 affects Beetel 777VR1 (firmware up to 01.00.09/01.00.09_55) in its UART Interface code. The disclosed weakness allows manipulation that can enforce weaker password requirements on a physically targetable device. The attack requires physical access and is described as high complexity...

CVE-2026-1407

A security flaw has been discovered in Beetel 777VR1 up to 01.00.09/01.00.0955. This affects an unknown part of the component UART Interface. Performing a manipulation results in information disclosure. The attack may be carried out on the physical device. The attack is considered to have high...

CVE-2026-1407 Beetel 777VR1 UART information disclosure

A security flaw has been discovered in Beetel 777VR1 up to 01.00.09/01.00.0955. This affects an unknown part of the component UART Interface. Performing a manipulation results in information disclosure. The attack may be carried out on the physical device. The attack is considered to have high...

CVE-2026-1407 Beetel 777VR1 UART information disclosure

A security flaw has been discovered in Beetel 777VR1 up to 01.00.09/01.00.0955. This affects an unknown part of the component UART Interface. Performing a manipulation results in information disclosure. The attack may be carried out on the physical device. The attack is considered to have high...

CVE-2026-1407

CVE-2026-1407 affects Beetel 777VR1 UART Interface (versions up to 01.00.09/01.00.09_55). The vulnerability allows an attacker to cause information disclosure by manipulating the device. The attack is described as physical access dependent and of high complexity; exploitation is indicated as diff...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38416)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38416 advisory. - In the Linux kernel, the following vulnerability has been resolved: NFC: nci: uart: Set tty-discdata only in...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38265)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38265 advisory. - In the Linux kernel, the following vulnerability has been resolved: serial: jsm: fix NPE during...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003757)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003757 advisory. A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003673)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003673 advisory. A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and...

CVE-2025-65396

A vulnerability in the boot process of Blurams Flare Camera version 24.1114.151.929 and earlier allows a physically proximate attacker to hijack the boot mechanism and gain a bootloader shell via the UART interface. This is achieved by inducing a read error from the SPI flash memory during the...

CVE-2025-65396

A vulnerability in the boot process of Blurams Flare Camera version 24.1114.151.929 and earlier allows a physically proximate attacker to hijack the boot mechanism and gain a bootloader shell via the UART interface. This is achieved by inducing a read error from the SPI flash memory during the...

CVE-2026-22211 TinyOS <= 2.1.2 Global Buffer Overflow in printfUART

TinyOS versions up to and including 2.1.2 contain a global buffer overflow vulnerability in the printfUART formatted output implementation used within the ZigBee / IEEE 802.15.4 networking stack. The implementation formats output into a fixed-size global buffer and concatenates strings for %s...

CVE-2025-67399

CVE-2025-67399 concerns the AIRTH SMART HOME AQI MONITOR Bootloader v1.005. The issue enables a physically proximate attacker to access sensitive information via the UART port on the BK7231N controller (Wi‑Fi/BLE module) due to exposed UART access. Impact is information disclosure (confidential d...

PT-2026-2909

TinyOS versions up to and including 2.1.2 contain a global buffer overflow vulnerability in the printfUART formatted output implementation used within the ZigBee / IEEE 802.15.4 networking stack. The implementation formats output into a fixed-size global buffer and concatenates strings for %s...

CVE-2025-67399

An issue in AIRTH SMART HOME AQI MONITOR Bootloader v.1.005 allows a physically proximate attacker to obtain sensitive information via the UART port of the BK7231N controller Wi-Fi and BLE module on the device is open to access...

CVE-2025-67399

An issue in AIRTH SMART HOME AQI MONITOR Bootloader v.1.005 allows a physically proximate attacker to obtain sensitive information via the UART port of the BK7231N controller Wi-Fi and BLE module on the device is open to access...

CVE-2025-65396

Affected product: Blurams Flare Camera (versions 24.1114.151.929 and earlier). Vulnerability cause: In the boot process, a read error from the SPI flash memory is induced by shorting a data pin to ground, allowing a physically proximate attacker to hijack the boot mechanism and gain a bootloader ...

CVE-2018-12259

An issue was discovered on Momentum Axel 720P 5.1.8 devices. Root access can be obtained via UART pins without any restrictions, which leads to full system compromise...

CVE-2025-65731

An issue was discovered in D-Link Router DIR-605L Hardware version F1; Firmware version: V6.02CN02 allowing an attacker with physical access to the UART pins to execute arbitrary commands due to presence of root terminal access on a serial interface without proper access control...

PT-2026-1849

Name of the Vulnerable Software and Affected Versions D-Link Router DIR-605L version V6.02CN02 Hardware version F1 Description An issue exists in D-Link Router DIR-605L that allows an attacker with physical access to the UART pins to execute arbitrary commands. This is due to the presence of root...