282 matches found
grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled
A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...
grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled
A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...
CVE-2021-28460
Azure Sphere Unsigned Code Execution Vulnerability...
Remote code execution
Azure Sphere Unsigned Code Execution Vulnerability...
CVE-2021-28460 Azure Sphere Unsigned Code Execution Vulnerability
...
Azure Sphere Unsigned Code Execution Vulnerability
...
Microsoft Azure Sphere Linux namespace ptrace unsigned code execution vulnerability
Summary An unsigned code execution vulnerability exists in the Linux namespace ptrace functionality of Microsoft Azure Sphere 21.01. Specially crafted shellcode could allow an adversary to execute unsigned code. An attacker can change the namespace and use ptrace to modify the code of a running...
Microsoft Azure Sphere 安全漏洞
Microsoft Azure Sphere is an appliance from Microsoft Corporation USA that is used to provide security in cloud environments. A security vulnerability exists in Microsoft Azure Sphere that originates from unsigned code execution...
Microsoft Azure Sphere mount namespace unsigned code execution vulnerability
Summary An unsigned code execution vulnerability exists in the mount namespace functionality of Microsoft Azure Sphere 21.01. A specially crafted shellcode could allow an adversary to execute an arbitrary binary in a tmpfs mount, leading to unsigned code execution. An attacker can switch to a new...
Cisco IOS XE Software ROM Monitor for Industrial Switches Command Injection (cisco-sa-iosxe-romvar-cmd-inj-N56fYbrw)
According to its self-reported version, IOS-XE is affected by a command injection vulnerability due to incorrect validations of specific function arguments passed to a boot script when specific ROMMON variables are set. An unauthenticated, physical attacker can exploit this by setting malicious...
Cisco IOS XE OS Command Injection Vulnerability
Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. An OS command injection vulnerability exists in ROMMON of Cisco IOS XE. The vulnerability stems from incorrect validation of specific function parameters passed to the startup...
CVE-2021-1449
A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. The vulnerability is due to an improper check that is performed by the area of code that manages system startup processes. An attacker could exploi...
CVE-2021-1453
A vulnerability in the software image verification functionality of Cisco IOS XE Software for the Cisco Catalyst 9000 Family of switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. The vulnerability is due to an improper check in the code functi...
CVE-2021-1449
A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. The vulnerability is due to an improper check that is performed by the area of code that manages system startup processes. An attacker could exploi...
CVE-2021-1441
A vulnerability in the hardware initialization routines of Cisco IOS XE Software for Cisco 1100 Series Industrial Integrated Services Routers and Cisco ESR6300 Embedded Series Routers could allow an authenticated, local attacker to execute unsigned code at system boot time. This vulnerability is...
CVE-2021-1452
A vulnerability in the ROM Monitor ROMMON of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical attacker to execute...
CVE-2021-1441
A vulnerability in the hardware initialization routines of Cisco IOS XE Software for Cisco 1100 Series Industrial Integrated Services Routers and Cisco ESR6300 Embedded Series Routers could allow an authenticated, local attacker to execute unsigned code at system boot time. This vulnerability is...
CVE-2021-1452
A vulnerability in the ROM Monitor ROMMON of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical attacker to execute...
Input validation
A vulnerability in the software image verification functionality of Cisco IOS XE Software for the Cisco Catalyst 9000 Family of switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. The vulnerability is due to an improper check in the code functi...
Code injection
A vulnerability in the ROM Monitor ROMMON of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical attacker to execute...