Ilx-f509 Firmware Security Vulnerabilities and Issues — Ilx-f509 Firmware CVE List

Lucene search

AlpsalpineIlx-f509 Firmware

7 matches found

CVE•added 2025/01/31 12:15 a.m.•68 views

CVE-2024-23962

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DLT interface, which listens on TCP port 3490 by default. The issue resul...

5.3CVSS6.5AI score0.00492EPSS

CVE•added 2025/01/31 12:15 a.m.•60 views

CVE-2024-23963

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability. The specific flaw exists wi...

8CVSS6.8AI score0.00081EPSS

CVE•added 2024/09/28 7:15 a.m.•44 views

CVE-2024-23961

Alpine Halo9 UPDM_wemCmdUpdFSpeDecomp Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The specific...

6.8CVSS7.2AI score0.00892EPSS

CVE•added 2024/09/28 7:15 a.m.•43 views

CVE-2024-23960

Alpine Halo9 Improper Verification of Cryptographic Signature Vulnerability. This vulnerability allows physically present attackers to bypass signature validation mechanism on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The specific ...

4.6CVSS4.9AI score0.00015EPSS

CVE•added 2024/09/28 7:15 a.m.•42 views

CVE-2024-23923

Alpine Halo9 prh_l2_sar_data_ind Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The specific flaw exis...

8.8CVSS9.1AI score0.01498EPSS

CVE•added 2024/09/28 7:15 a.m.•39 views

CVE-2024-23935

Alpine Halo9 DecodeUTF7 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device w...

8CVSS8.1AI score0.00864EPSS

CVE•added 2024/09/28 7:15 a.m.•35 views

CVE-2024-23924

Alpine Halo9 UPDM_wemCmdCreatSHA256Hash Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The specif...

6.8CVSS7.2AI score0.00892EPSS