
53 matches found

EUVD
added 2026/05/27 8:6 a.m., 9 views

EUVD-2026-32150

A local attacker can perform a confusion attack on the cfgparser via a specially crafted file on a USB stick leading to code execution. This can result in a total loss of confidentiality, integrity and availability...

8.4 CVSS, 5.9 AI score, 0.00026 EPSS
Exploits: 0, References: 1
Positive Technologies
added 2026/05/27 12:0 a.m., 10 views

PT-2026-43617

A local attacker can perform a confusion attack on the cfgparser via a specially crafted file on a USB stick leading to code execution. This can result in a total loss of confidentiality, integrity and availability...

8.4 CVSS, 5.9 AI score, 0.00026 EPSS
Exploits: 0, References: 2
RedhatCVE
added 2025/05/23 10:44 a.m., 2 views

CVE-2024-47944

The device directly executes .patch firmware upgrade files on a USB stick without any prior authentication in the admin interface. This leads to an unauthenticated code execution via the firmware upgrade function...

6.8 CVSS, 7.8 AI score, 0.00141 EPSS
Exploits: 0
NVD
added 2024/10/15 9:15 a.m., 9 views

CVE-2024-47944

The device directly executes .patch firmware upgrade files on a USB stick without any prior authentication in the admin interface. This leads to an unauthenticated code execution via the firmware upgrade function...

6.8 CVSS, 0.00141 EPSS
Exploits: 0, References: 3
Vulnrichment
added 2024/10/15 9:0 a.m., 7 views

CVE-2024-47944 Missing Protection Mechanism for Alternate Hardware Interface

The device directly executes .patch firmware upgrade files on a USB stick without any prior authentication in the admin interface. This leads to an unauthenticated code execution via the firmware upgrade function...

7.8 AI score, 0.00141 EPSS
Exploits: 0, References: 2
Tenable Nessus
added 2024/01/30 12:0 a.m., 46 views

Oracle Linux 9 : grub2 (ELSA-2024-0468)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0468 advisory. 2.06-70.0.2.2 - search command: add flag to only search root dev - Resolves: CVE-2023-4001 Tenable has extracted the preceding description block directly from t...

6.8 CVSS, 6.4 AI score, 0.00031 EPSS
Exploits: 0, References: 2
Tenable Nessus
added 2024/01/26 12:0 a.m., 33 views

AlmaLinux 9 : grub2 (ALSA-2024:0468)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:0468 advisory. - An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the passwor...

6.8 CVSS, 6.3 AI score, 0.00031 EPSS
Exploits: 0, References: 2
Vulnrichment
added 2024/01/15 11:10 a.m., 21 views

CVE-2023-4001 Grub2: bypass the grub password protection feature

An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protection feature. An attacker capable of attaching an external drive such as a USB stick containing a fil...

6.8 CVSS, 7.1 AI score, 0.00031 EPSS
Exploits: 0, References: 6
NVD
added 2023/08/22 7:16 p.m., 6 views

CVE-2023-4212

A command injection vulnerability exists in Trane XL824, XL850, XL1050, and Pivot thermostats allowing an attacker to execute arbitrary commands as root using a specially crafted filename. The vulnerability requires physical access to the device via a USB stick...

6.8 CVSS, 6.9 AI score, 0.00106 EPSS
Exploits: 0, References: 4
OSV
added 2023/08/22 7:16 p.m., 2 views

CVE-2023-4212

A command injection vulnerability exists in Trane XL824, XL850, XL1050, and Pivot thermostats allowing an attacker to execute arbitrary commands as root using a specially crafted filename. The vulnerability requires physical access to the device via a USB stick...

6.8 CVSS, 6.1 AI score, 0.00106 EPSS
Exploits: 0, References: 4
Cvelist
added 2023/08/22 5:34 p.m., 11 views

CVE-2023-4212 Trane Thermostats Injection

A command injection vulnerability exists in Trane XL824, XL850, XL1050, and Pivot thermostats allowing an attacker to execute arbitrary commands as root using a specially crafted filename. The vulnerability requires physical access to the device via a USB stick...

6.8 CVSS, 7.1 AI score, 0.00106 EPSS
Exploits: 0, References: 3
Malwarebytes
added 2022/07/04 10:4 a.m., 28 views

A week in security (June 27 – July 3)

Last week on Malwarebytes Labs: Ransomware review: June 2022 AstraLocker 2.0 ransomware isn’t going to give you your files back YTStealer targets YouTube content creators ZuoRAT is a sophisticated malware that mainly targets SOHO routers Amazon Photos vulnerability could have given attackers acce...

0.9 AI score
Exploits: 0
Malwarebytes
added 2022/06/28 12:26 p.m., 17 views

City worker loses USB stick containing data on every resident after day of drinking

A person working in the city of Amagasaki, in Western Japan, has mislaid a USB stick which contained data on the city's 460,000 residents. The USB drive was in a bag that went missing during a reported day of drinking and dining at a restaurant last Tuesday. The person reported it to the police th...

0.3 AI score
Exploits: 0
NVD
added 2022/04/03 11:15 p.m., 11 views

CVE-2021-30066

On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an arbitrary firmware image can be loaded because firmware signature verification for a USB stick can be bypassed. NOTE: this issue exists because of an...

7.2 CVSS, 0.00004 EPSS
Exploits: 0, References: 2
NVD
added 2022/04/03 10:15 p.m., 12 views

CVE-2021-30061

On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, physically proximate attackers can execute code via a crafted file on a USB stick...

7.2 CVSS, 0.00008 EPSS
Exploits: 0, References: 2
Prion
added 2022/04/03 10:15 p.m., 18 views

Code injection

On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, physically proximate attackers can execute code via a crafted file on a USB stick...

7.2 CVSS, 6.8 AI score, 0.00008 EPSS
Exploits: 0, References: 2, Affected Software: 2
Cvelist
added 2022/04/03 10:1 p.m., 12 views

CVE-2021-30066

On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an arbitrary firmware image can be loaded because firmware signature verification for a USB stick can be bypassed. NOTE: this issue exists because of an...

7 AI score, 0.00011 EPSS
Exploits: 0, References: 2
Cvelist
added 2022/04/03 9:46 p.m., 12 views

CVE-2021-30061

On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, physically proximate attackers can execute code via a crafted file on a USB stick...

6.9 AI score, 0.00008 EPSS
Exploits: 0, References: 2
RedhatCVE
added 2022/02/08 11:57 a.m., 28 views

CVE-2020-0256

An out-of-bounds write flaw was found in gdisks' LoadPartitionTable function of 'gpt.cc'. The exploitation of this flaw requires the use of a malicious storage device for example, a USB Stick that can cause a crash when physically inserted into the system and possible local privilege escalation...

7.2 CVSS, 4.1 AI score, 0.0004 EPSS
Exploits: 0, References: 3
Tenable Nessus
added 2021/05/27 12:0 a.m., 37 views

GLSA-202105-03 : GPT fdisk: Integer underflow

The remote host is affected by the vulnerability described in GLSA-202105-03 GPT fdisk: Integer underflow It was discovered that ReadLogicalParts function in basicmbr.cc was missing a bounds check. Impact : A local attacker could entice a user to insert a malicious formatted block device USB stic...

7.2 CVSS, 6.5 AI score, 0.00079 EPSS
Exploits: 0, References: 2