779 matches found
CVE-2020-27402
The HK1 Box S905X3 TV Box contains a vulnerability that allows a local unprivileged user to escalate to root using the /system/xbin/su binary via a serial port UART connection or using adb...
CVE-2020-27402
The HK1 Box S905X3 TV Box contains a vulnerability that allows a local unprivileged user to escalate to root using the /system/xbin/su binary via a serial port UART connection or using adb...
CVE-2020-27402
The CVE-2020-27402 entry concerns the HK1 Box S905X3 TV Box, where a local unprivileged user can escalate to root by abusing the /system/xbin/su binary over a serial UART connection or via adb. The connected documents confirm the vulnerability vector is local (no user interaction required) and re...
kernel: use-after-free in drivers/bluetooth/hci_ldisc.c
A flaw was found in the Linux kernel's implementation of the HCI UART driver. A local attacker with access permissions to the Bluetooth device can issue an ioctl, which triggers the hciuartsetproto function in drivers/bluetooth/hcildisc.c. The flaw in this function can cause memory corruption or ...
kernel: use-after-free in drivers/bluetooth/hci_ldisc.c
A flaw was found in the Linux kernel's implementation of the HCI UART driver. A local attacker with access permissions to the Bluetooth device can issue an ioctl, which triggers the hciuartsetproto function in drivers/bluetooth/hcildisc.c. The flaw in this function can cause memory corruption or ...
kernel: use-after-free in drivers/bluetooth/hci_ldisc.c
A flaw was found in the Linux kernel's implementation of the HCI UART driver. A local attacker with access permissions to the Bluetooth device can issue an ioctl, which triggers the hciuartsetproto function in drivers/bluetooth/hcildisc.c. The flaw in this function can cause memory corruption or ...
CVE-2020-15483
An issue was discovered on Nescomed Multipara Monitor M1000 devices. The physical UART debug port provides a shell, without requiring a password, with complete access...
CVE-2020-15483
CVE-2020-15483 affects Nescomed Multipara Monitor M1000 devices. The issue is a passwordless, full-access shell via the physical UART debug port, granting local/physical access with high impact on confidentiality, integrity, and availability. Public documentation in NVD/Red Hat confirms the UART ...
CVE-2020-15483
An issue was discovered on Nescomed Multipara Monitor M1000 devices. The physical UART debug port provides a shell, without requiring a password, with complete access...
openthread:ncp-uart-received-fuzzer: Memcpy-param-overlap in ot::Message::Write
Project: https://github.com/openthread/openthread.git Detailed Report: https://oss-fuzz.com/testcase?key=5748343379329024 Project: openthread Fuzzing Engine: honggfuzz Fuzz Target: ncp-uart-received-fuzzer Job Type: honggfuzzasanopenthread Platform Id: linux Crash Type: Memcpy-param-overlap Crash...
PT-2020-14450 · Nescomed · Nescomed Multipara Monitor M1000
Name of the Vulnerable Software and Affected Versions: Nescomed Multipara Monitor M1000 devices affected versions not specified Description: An issue was discovered where the physical UART debug port on the devices provides a shell without requiring a password, giving complete access...
‘Insight’ into Home Automation Reveals Vulnerability in Simple IoT Product
ARCHIVED STORY ‘Insight’ into Home Automation Reveals Vulnerability in Simple IoT Product By Douglas McKee · August 18, 2020 Eoin Carroll, Charles McFarland, Kevin McGrath, and Mark Bereza contributed to this report. The Internet of Things promises to make our lives easier. Want to remotely turn...
Design/Logic Flaw
An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. An attacker with physical access to the UART interface could access additional diagnostic and configuration functionalities as well as t...
Pwning smart garage door openers
TL;DR We reversed a smart garage door opener, which appeared pretty secure at first: The firmware was encrypted, debug access was restricted, the web server wasn’t running as root, it had unique passwords per device But we found a way in, allowing us to open all the garage doors …And made it play...
openthread:ncp-uart-received-fuzzer: Stack-buffer-overflow in ot::NetworkData::PrefixTlv::GetPrefixLength
Project: https://github.com/openthread/openthread.git Detailed Report: https://oss-fuzz.com/testcase?key=5416643298852864 Project: openthread Fuzzing Engine: libFuzzer Fuzz Target: ncp-uart-received-fuzzer Job Type: libfuzzerasanopenthread Platform Id: linux Crash Type: Stack-buffer-overflow READ...
Siemens Simatic Improper Input Validation
A vulnerability has been identified in SIMATIC S7-1200 CPU family incl. SIPLUS variants All versions, SIMATIC S7-1200 CPU family V4.x incl. SIPLUS variants All versions, SIMATIC S7-1200 CPU family V4.x incl. SIPLUS variants All versions with Function State FS 11, SIMATIC S7-200 SMART CPU CR20s 6E...
CVE-2020-8157
UniFi Cloud Key firmware = v1.1.10 for Cloud Key gen2 and Cloud Key gen2 Plus contains a vulnerability that allows unrestricted root access through the serial interface UART...
Design/Logic Flaw
UniFi Cloud Key firmware = v1.1.10 for Cloud Key gen2 and Cloud Key gen2 Plus contains a vulnerability that allows unrestricted root access through the serial interface UART...
CVE-2020-8157
The CVE concerns UniFi Cloud Key firmware for gen2/gen2 Plus (versions ≤ 1.1.10) where an unrestricted root access via the serial UART interface is possible. Affected component: Cloud Key firmware; root access through UART is the stated impact. Remediation: upgrade to firmware 1.1.11 (per the lin...
The vulnerabilities of the functions hci_uart_register_dev() and hci_uart_set_proto() in the Linux operating system allow attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerabilities of the functions hciuartregisterdev and hciuartsetproto drivers/bluetooth/hcildisc.c in the Linux operating system are related to the use of memory after it is freed. Exploiting these vulnerabilities could allow an attacker to compromise the confidentiality, integrity, and...