CVE-2023-24500 Electra Central AC unit – Adjacent attacker may cause the unit to load unauthorized FW

Electra Central AC unit – Adjacent attacker may cause the unit to load unauthorized FW...

CVE-2023-24500 Electra Central AC unit – Adjacent attacker may cause the unit to load unauthorized FW

Electra Central AC unit – Adjacent attacker may cause the unit to load unauthorized FW...

PT-2023-19647 · Electra · Electra Central Ac Unit

Name of the Vulnerable Software and Affected Versions: Electra Central AC unit affected versions not specified Description: The issue allows an adjacent attacker to cause the unit to load unauthorized firmware. Recommendations: At the moment, there is no information about a newer version that...

PT-2023-19650 · Electra · Electra Central Ac Unit

Name of the Vulnerable Software and Affected Versions: Electra Central AC unit affected versions not specified Description: The issue allows an adjacent attacker to cause the unit to load unauthorized firmware. Recommendations: At the moment, there is no information about a newer version that...

PT-2023-19649 · Electra · Electra Central Ac Unit

Name of the Vulnerable Software and Affected Versions: Electra Central AC unit affected versions not specified Description: The issue concerns an Electra Central AC unit that opens an Access Point AP with a password that can be easily calculated. Recommendations: At the moment, there is no...

PT-2023-19651 · Electra · Electra Central Ac Unit

Name of the Vulnerable Software and Affected Versions: Electra Central AC unit affected versions not specified Description: The issue allows an adjacent attacker to cause the unit to connect to an unauthorized update server. Recommendations: At the moment, there is no information about a newer...

PT-2023-19648 · Electra · Electra Central Ac Unit

Name of the Vulnerable Software and Affected Versions: Electra Central AC unit affected versions not specified Description: The issue concerns hardcoded credentials in unspecified code used by the Electra Central AC unit. There is no information provided about the estimated number of potentially...

CVE-2023-24501

CVE-2023-24501 affects the Electra Central AC unit, where hardcoded credentials are present in unspecified code used by the unit. The security impact is high across confidentiality, integrity, and availability, with a network attack surface and no user interaction required. The available document...

CVE-2023-24502

The CVE-2023-24502 entry concerns Electra Central AC unit where the device opens an access point secured by an easily calculated password. The connected sources confirm this weakness, but do not provide concrete exploit vectors, affected firmware versions, or remediation details. Some entries not...

CVE-2023-24503

The CVE-2023-24503 entry concerns the Electra Central AC unit (Electra Smart Kit for Split AC). The connected records describe an adjacent- attacker capability to cause the unit to load unauthorized firmware, indicating the vulnerable component/process is tied to firmware loading mechanisms. Spec...

PT-2023-4754 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: A heap out-of-bounds read/write issue in the Linux Kernel traffic control QoS subsystem can be exploited to achieve local privilege escalation. The qfq change class function does not...

The vulnerability of the NPU driver for Samsung Exynos Android operating systems allows attackers to execute arbitrary code.

The vulnerability of the NPU driver for Samsung Exynos Android operating systems is related to incorrect handling of exceptional states. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

PT-2023-9517 · Openlink +4 · Openlink Virtuoso-Opensource +4

Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.9 Description: The issue is related to the dfe unit col loci component of openlink virtuoso-opensource, which is associated with the improper neutralization of special elements used in SQL commands. Th...

ATEN International PE8108 安全漏洞

The ATEN International PE8108 is an intelligent PDU from China-based ATEN International. A security vulnerability exists in ATEN International PE8108 version 2.4.232, which stems from incorrect access control...

ARM Mali GPU Kernel Driver 缓冲区错误漏洞

ARM Mali GPU Kernel Driver is a driver for a graphics processor unit from ARM UK. A security vulnerability exists in the ARM Mali GPU Kernel Driver that originates from an unprivileged user being able to perform incorrect GPU memory handling operations to access a limited amount outside of buffer...

ATEN International PE8108 跨站请求伪造漏洞

The ATEN International PE8108 is an intelligent PDU from ATEN International. A security vulnerability exists in ATEN International PE8108 version 2.4.232, which is susceptible to Cross Site Request Forgery CSRF attacks...

ATEN International PE8108 安全漏洞

The ATEN International PE8108 is an intelligent PDU from China-based ATEN International. A security vulnerability exists in ATEN International PE8108 version 2.4.232, which stems from incorrect access control...

ATEN International PE8108 安全漏洞

The ATEN International PE8108 is an intelligent PDU from China-based ATEN International. A security vulnerability exists in ATEN International PE8108 version 2.4.232, which stems from incorrect access control...

Supermicro X11 安全漏洞

The Supermicro X11 is a server motherboard from Supermicro. A security vulnerability exists in the Supermicro X11SSL-CF HW Rev 1.01, BMC firmware version 1.63, which stems from the BMC having an internal IC bus that causes the voltage to vary outside of the CPU's specified operating range, thus...

CVE-2023-26866

GreenPacket OH736's WR-1200 Indoor Unit, OT-235 with firmware versions M-IDU-1.6.0.3V1.1 and MH-46360-2.0.3-R5-GP respectively are vulnerable to remote command injection. Commands are executed using pre-login execution and executed with root privileges allowing complete takeover...