Privilege escalation

An issue was discovered in the ALU unit of the OpenRISC mor1kx processor. The carry flag is not being updated correctly for the subtract instruction, which results in an incorrect value of the carry flag. Any software that relies on this flag may experience corruption in execution...

CVE-2021-41613

An issue was discovered in the controller unit of the OpenRISC mor1kx processor. The write logic of Exception Effective Address Register EEAR is not implemented correctly. User programs from authorized privilege levels will be unable to write to EEAR...

OR1200 授权问题漏洞

OR1200 is an OpenRISC 1200 implementation of the OpenRISC open source. A security vulnerability exists in OR1200 that stems from the ALU unit not updating the overflow flags for the msb and mac instructions, resulting in incorrect values in the overflow flags...

OR1200 授权问题漏洞

OR1200 is an OpenRISC 1200 implementation of the OpenRISC open source. A security vulnerability exists in OR1200 that stems from the overflow flag of a subtraction instruction in an ALU unit not being updated correctly, resulting in an incorrect value in the overflow flag...

OpenRISC mor1kx 安全漏洞

mor1kx is an OpenRISC 1000 processor IP core open sourced from OpenRISC. A security vulnerability exists in OpenRISC mor1kx, which arises from an exceptionally valid address register in the control unit that does not properly implement write logic...

CVE-2021-40507

The CVE-2021-40507 issue affects the OR1200/OpenRISC 1200 ALU: the subtraction instruction fails to update the overflow flag, yielding an incorrect flag value. Affected hardware: OR1200/OpenRISC 1200 processors with versions from 2011-09-10 through 2015-11-11. Impact: software relying on the over...

PT-2023-12377 · Unknown · Openrisc Mor1Kx

Name of the Vulnerable Software and Affected Versions: OpenRISC mor1kx processor affected versions not specified Description: An issue was discovered in the ALU unit of the OpenRISC mor1kx processor, where the carry flag is not being updated correctly for the subtract instruction. This results in...

CVE-2021-41612

An issue was discovered in the ALU unit of the OpenRISC mor1kx processor. The carry flag is not being updated correctly for the subtract instruction, which results in an incorrect value of the carry flag. Any software that relies on this flag may experience corruption in execution...

PT-2023-12363 · Or1200 · Or1200

Name of the Vulnerable Software and Affected Versions: OR1200 aka OpenRISC 1200 processor versions 2011-09-10 through 2015-11-11 Description: An issue in the ALU unit of the processor causes the overflow flag not to be updated for the msb and mac instructions, resulting in an incorrect value in t...

CVE-2021-40506

Summary of CVE-2021-40506 (OR1200/OpenRISC 1200) : The ALU unit fails to update the overflow flag for the msb and mac instructions in OR1200 processors dated 2011-09-10 through 2015-11-11, causing an incorrect overflow flag value. This can lead to execution corruption in software that relies on t...

CVE-2021-41614

The CVE-2021-41614 issue affects the OpenRISC mor1kx processor controller unit, where the EPCR read/write permissions are not enforced correctly, allowing read/write access to EPCR from an unauthorized privilege level. Root cause: incorrect implementation of EPCR access control in the controller ...

CVE-2021-40507

An issue was discovered in the ALU unit of the OR1200 aka OpenRISC 1200 processor 2011-09-10 through 2015-11-11. The overflow flag is not being updated correctly for the subtract instruction, which results in an incorrect value in the overflow flag. Any software that relies on this flag may...

CVE-2021-40506

An issue was discovered in the ALU unit of the OR1200 aka OpenRISC 1200 processor 2011-09-10 through 2015-11-11. The overflow flag is not being updated for the msb and mac instructions, which results in an incorrect value in the overflow flag. Any software that relies on this flag may experience...

CVE-2023-24500

Electra Central AC unit – Adjacent attacker may cause the unit to load unauthorized FW...

CVE-2023-24503

Electra Central AC unit – Adjacent attacker may cause the unit to load unauthorized FW...

Code injection

Electra Central AC unit – Adjacent attacker may cause the unit to connect to unauthorized update server...

Hardcoded credentials

Electra Central AC unit – Hardcoded Credentials in unspecified code used by the unit...

Path traversal

Electra Central AC unit – The unit opens an AP with an easily calculated password...

CVE-2023-24500 Electra Central AC unit – Adjacent attacker may cause the unit to load unauthorized FW

Electra Central AC unit – Adjacent attacker may cause the unit to load unauthorized FW...

CVE-2023-24500 Electra Central AC unit – Adjacent attacker may cause the unit to load unauthorized FW

Electra Central AC unit – Adjacent attacker may cause the unit to load unauthorized FW...