CVE-2025-15083

TOZED ZLT M30s devices (

EUVD-2025-203758

In the Linux kernel, the following vulnerability has been resolved: tty: serial: ip22zilog: Use platform device for probing After commit 84a9582fd203 "serial: core: Start managing serial controllers to enable runtime PM" serial drivers need to provide a device in struct uartport.dev otherwise an...

UBUNTU-CVE-2025-68311

In the Linux kernel, the following vulnerability has been resolved: tty: serial: ip22zilog: Use platform device for probing After commit 84a9582fd203 "serial: core: Start managing serial controllers to enable runtime PM" serial drivers need to provide a device in struct uartport.dev otherwise an...

Linux Distros Unpatched Vulnerability : CVE-2025-68311

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tty: serial: ip22zilog: Use platform device for probing After commit 84a9582fd203 serial: core: Start managing serial controllers to enable runtime PM serial...

CVE-2025-65821

As UART download mode is still enabled on the ESP32 chip on which the firmware runs, an adversary can dump the flash from the device and retrieve sensitive information such as details about the current and previous Wi-Fi network from the NVS partition. Additionally, this allows the adversary to...

CVE-2025-65821

As UART download mode is still enabled on the ESP32 chip on which the firmware runs, an adversary can dump the flash from the device and retrieve sensitive information such as details about the current and previous Wi-Fi network from the NVS partition. Additionally, this allows the adversary to...

CVE-2025-65821

As UART download mode is still enabled on the ESP32 chip on which the firmware runs, an adversary can dump the flash from the device and retrieve sensitive information such as details about the current and previous Wi-Fi network from the NVS partition. Additionally, this allows the adversary to...

CVE-2025-65825

The firmware on the basestation of the Meatmeet is not encrypted. An adversary with physical access to the Meatmeet device can disassemble the device, connect over UART, and retrieve the firmware dump for analysis. Within the NVS partition they may discover the credentials of the current and...

EUVD-2025-201890

An attacker can use an undocumented UART port on the PCB as a side-channel with the user hardcoded credentials obtained from CVE-2025-41692 to gain read access to parts of the filesystem of the device...

CVE-2025-41696

An attacker can use an undocumented UART port on the PCB as a side-channel with the user hardcoded credentials obtained from CVE-2025-41692 to gain read access to parts of the filesystem of the device...

CVE-2025-41697

An attacker can use an undocumented UART port on the PCB as a side-channel to get root access e.g. with the credentials obtained from CVE-2025-41692...

CVE-2025-41697

An attacker can use an undocumented UART port on the PCB as a side-channel to get root access e.g. with the credentials obtained from CVE-2025-41692...

CVE-2025-41696

An attacker can use an undocumented UART port on the PCB as a side-channel with the user hardcoded credentials obtained from CVE-2025-41692 to gain read access to parts of the filesystem of the device...

CVE-2025-41696

CVE-2025-41696 describes an attack where an attacker can use an undocumented UART port on the PCB as a side-channel, leveraging user credentials obtained from CVE-2025-41692 to gain read access to parts of the device filesystem. Public Red Hat and EUVD entries corroborate the UART side-channel ve...

CVE-2025-41697

The CVE-2025-41697 entry describes a vulnerability where an attacker can use an undocumented UART port on the PCB as a side-channel to gain root access, leveraging credentials obtained from CVE-2025-41692. The combined chain relies on a hardware-side channel and weak OS credential handling, enabl...

CVE-2025-41697 Shell access to UART Console

An attacker can use an undocumented UART port on the PCB as a side-channel to get root access e.g. with the credentials obtained from CVE-2025-41692...

CVE-2025-41697 Shell access to UART Console

An attacker can use an undocumented UART port on the PCB as a side-channel to get root access e.g. with the credentials obtained from CVE-2025-41692...

SUSE CVE-2022-50625

In the Linux kernel, the following vulnerability has been resolved: serial: amba-pl011: avoid SBSA UART accessing DMACR register Chapter "B Generic UART" in "ARM Server Base System Architecture" 1 documentation describes a generic UART interface. Such generic UART does not support DMA. In current...

Phoenix Contact FL SWITCH 信任管理问题漏洞

The PHOENIX CONTACT FL SWITCH is an industrial grade Ethernet switch from PHOENIX CONTACT, Germany. A trust management issue vulnerability exists in Phoenix Contact FL SWITCH versions prior to 3.50, which stems from undocumented UART ports and hardcoded credentials that could result in a partial...

PT-2025-49816

An attacker can use an undocumented UART port on the PCB as a side-channel to get root access e.g. with the credentials obtained from CVE-2025-41692...