Lucene search
K

165 matches found

Prion
Prion
added 2020/06/29 2:15 p.m.15 views

Hardcoded credentials

Baxter ExactaMix EM 2400 versions 1.10, 1.11, 1.13, 1.14 and ExactaMix EM1200 Versions 1.1, 1.2, 1.4 and 1.5 does not restrict access to the USB interface from an unauthorized user with physical access. Successful exploitation of this vulnerability may allow an attacker with physical access to th...

3.6CVSS6.5AI score0.00345EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2020/06/29 1:51 p.m.60 views

CVE-2020-12024

CVE-2020-12024 affects Baxter ExactaMix EM2400 (versions 1.10, 1.11, 1.13, 1.14) and ExactaMix EM1200 (versions 1.1, 1.2, 1.4, 1.5). Root cause: inadequate restriction of USB interface access by unauthorized users with physical access, enabling loading of unauthorized payloads or direct hard driv...

6.1CVSS5.9AI score0.00345EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/06/29 1:51 p.m.23 views

CVE-2020-12024

Baxter ExactaMix EM 2400 versions 1.10, 1.11, 1.13, 1.14 and ExactaMix EM1200 Versions 1.1, 1.2, 1.4 and 1.5 does not restrict access to the USB interface from an unauthorized user with physical access. Successful exploitation of this vulnerability may allow an attacker with physical access to th...

6AI score0.00345EPSS
Exploits0References1
Pen Test Partners Blog
Pen Test Partners Blog
added 2020/03/25 7:23 a.m.96 views

Turning an OBD-II reader into a USB / NFC attack tool

One of my favourite sorts of hardware hacking is making a device do something it was never intended for. It's creative, disruptive, and fun. Everyone has their own way of going about things. Different methodologies, habits, and skill sets mean that approaches will be diverse. This is how I work...

6.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2019/12/13 8:38 p.m.42 views

CVE-2019-19526

A use-after-free flaw was found in the pn533usbprobe USB interface in the Linux kernel. If the driver registration fails it needs to do all the cleanup activity and free all the related resources. A malicious USB device can cause this process to fail, causing a use-after-free vulnerability. Syste...

4.9CVSS1AI score0.00433EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2019/07/04 12:0 a.m.5 views

The vulnerability of the built-in software of the “Granite-Navigator-6.18” device is related to the use of uncontrolled format lines, which allows a perpetrator to cause a service failure.

The vulnerability of the built-in software of the “Granit-Navigator-6.18” device is related to the use of uncontrolled format lines. Exploiting this vulnerability can allow an attacker to trigger a service failure by sending a specially crafted SMS command e.g., BB+GP=vuln%x when connecting to th...

5.3CVSS5.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/05/08 12:0 a.m.18 views

Rockwell Automation 1784-U2DN USB Interface Communication Adapter

Binary data 752991.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/05/08 12:0 a.m.16 views

Rockwell Automation 1784-U2CN USB Interface Communication Adapter

Binary data 752990.prm...

7.3AI score
Exploits0
NVD
NVD
added 2018/10/17 3:29 p.m.18 views

CVE-2018-7924

Anne-AL00 Huawei phones with versions earlier than 8.0.0.151C00 have an information leak vulnerability. Due to improper permission settings for specific commands, attackers who can connect to a mobile phone via the USB interface may exploit this vulnerability to obtain specific device information...

2.4CVSS3.3AI score0.0023EPSS
Exploits0References1
Prion
Prion
added 2018/10/17 3:29 p.m.17 views

Design/Logic Flaw

Anne-AL00 Huawei phones with versions earlier than 8.0.0.151C00 have an information leak vulnerability. Due to improper permission settings for specific commands, attackers who can connect to a mobile phone via the USB interface may exploit this vulnerability to obtain specific device information...

2.1CVSS3.6AI score0.0023EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/10/17 3:0 p.m.21 views

CVE-2018-7924

Anne-AL00 Huawei phones with versions earlier than 8.0.0.151C00 have an information leak vulnerability. Due to improper permission settings for specific commands, attackers who can connect to a mobile phone via the USB interface may exploit this vulnerability to obtain specific device information...

3.4AI score0.0023EPSS
Exploits0References1
CVE
CVE
added 2018/10/17 3:0 p.m.48 views

CVE-2018-7924

CVE-2018-7924 affects Huawei Anne-AL00 phones with versions earlier than 8.0.0.151(C00). The issue is an information leak caused by improper permission settings for certain USB commands, enabling an attacker with physical access to connect via USB and obtain specific device information. Connected...

2.4CVSS3.7AI score0.0023EPSS
Exploits0References1Affected Software1
Huawei
Huawei
added 2018/10/17 12:0 a.m.27 views

Security Advisory - Information Leak Vulnerability in Some Huawei Smart Phones

Some Huawei phones have an information leak vulnerability. Due to improper permission settings for specific commands, attackers who can connect to a mobile phone via the USB interface may exploit this vulnerability to obtain specific device information of the mobile phone. Vulnerability ID:...

2.4CVSS3.3AI score0.0023EPSS
Exploits0Affected Software1
Gitee
Gitee
added 2018/06/23 9:35 p.m.9 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Nvidia Tegra_Bootrom_Rcm

This is a proof-of-concept arbitrary code loader for Tegra processors, which takes advantage of CVE-2018-6242 "Fusée Gelée" to gain arbitrary code execution and load small payloads over USB. The vulnerability is documented in the 'report' subfolder, and more details and guides are to follow. The...

7.2CVSS7.3AI score0.0274EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2017/09/01 12:0 a.m.7 views

The vulnerability of the Android operating system from the CAF repository, related to insufficient checking of the USB interface during loading, allows a hacker to execute arbitrary code.

The vulnerability of the Android operating system from the CAF repository arises from the execution of an operation outside the buffer boundaries. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely, due to insufficient protection of the USB interface during...

10CVSS8.6AI score0.00964EPSS
Exploits0References2
Prion
Prion
added 2017/08/18 6:29 p.m.18 views

Input validation

In all Qualcomm products with Android releases from CAF using the Linux kernel, an overflow check in the USB interface was insufficient during boot...

10CVSS7.4AI score0.00964EPSS
Exploits0References3
NVD
NVD
added 2017/08/18 6:29 p.m.16 views

CVE-2014-9981

In all Qualcomm products with Android releases from CAF using the Linux kernel, an overflow check in the USB interface was insufficient during boot...

10CVSS8.1AI score0.00964EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/08/18 6:0 p.m.21 views

CVE-2014-9981

In all Qualcomm products with Android releases from CAF using the Linux kernel, an overflow check in the USB interface was insufficient during boot...

9.2AI score0.00964EPSS
Exploits0References3
CVE
CVE
added 2017/08/18 6:0 p.m.56 views

CVE-2014-9981

CVE-2014-9981 is reported as a Qualcomm component issue. The connected data indicate a buffer/overflow concern in the USB interface during boot for Qualcomm components used in Android CAF builds running the Linux kernel. The root cause is described as an insufficient overflow check in the USB int...

10CVSS8.9AI score0.00964EPSS
Exploits0References3Affected Software1
myhack58
myhack58
added 2017/05/28 12:0 a.m.544 views

How to pass kernel command injection bypass Nexus 6 safe start mode-bug warning-the black bar safety net

In 2017 5 on the Android security announcements, Google released a security patch that fixes the Nexus 6 bootloader in the discovery of a serious Vulnerability, CVE-2016-10277 in. Exploit this vulnerability, a physical attacker or a already have the bootloader locked down the target device...

9.3CVSS0.6AI score0.09465EPSS
Exploits6
Rows per page
Query Builder