B426 Firmware Security Vulnerabilities

CVE-2024-32915

In CellInfoListParserV2::FillCellInfo() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for...

CVE-2024-32904

In ProtocolVsimOperationAdapter() of protocolvsimadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Interaction is not needed for...

CVE-2024-32904

In ProtocolVsimOperationAdapter() of protocolvsimadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Interaction is not needed for...

CVE-2024-32898

In ProtocolCellIdentityParserV4::Parse() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Interaction is not needed for...

CVE-2024-32897

In ProtocolCdmaCallWaitingIndAdapter::GetCwInfo() of protocolsmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required. User interaction is not needed for...

CVE-2024-29778

In ProtocolPsDedicatedBearInfoAdapter::processQosSession of protocolpsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for...

Update now! Google Pixel vulnerability is under active exploitation

Google has notified Pixel users about an actively exploited vulnerability in their phones' firmware. Firmware is the code or program which is embedded into hardware devices. Simply put, it is the software layer between the hardware and the applications on the device. About the vulnerability,...

Siemens SICAM AK3/BC/TM

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....

Mitsubishi Electric MELSEC-Q/L Series (Update B)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC-Q/L Series Vulnerabilities: Incorrect Pointer Scaling, Integer Overflow or Wraparound 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

Siemens TIM 1531 IRC

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....

Cinterion EHS5 3G UMTS/HSPA Module Research

Modems play an important role in enabling connectivity for a wide range of devices. This includes not only traditional mobile devices and household appliances, but also telecommunication systems in vehicles, ATMs and Automated Process Control Systems (APCS). When integrating the modem, many...

Google Warns of Pixel Firmware Security Flaw Exploited as Zero-Day

Google has warned that a security flaw impacting Pixel Firmware has been exploited in the wild as a zero-day. The high-severity vulnerability, tagged as CVE-2024-32896, has been described as an elevation of privilege issue in Pixel Firmware. The company did not share any additional details related....

Android Pixel Privilege Escalation Vulnerability

Android Pixel contains an unspecified vulnerability in the firmware that allows for privilege...

Ubuntu: Security Advisory (USN-6819-3)

The remote host is missing an update for...

SUSE SLES15 Security Update : kernel-firmware-nvidia-gspx-G06, nvidia-open-driver-G06-signed (SUSE-SU-2024:2005-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2005-1 advisory. Security Update 550.90.07: - CVE-2024-0090: Fixed out of bounds write (bsc#1223356). - CVE-2024-0092: Fixed incorrect exception...

SUSE: Security Advisory (SUSE-SU-2024:2005-1)

The remote host is missing an update for...

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2008-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2008-1 advisory. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were...

linux-oem-6.5 vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-6356, CVE-2023-6535, CVE-2023-6536)...

CVE-2024-37038

CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated user with access to the device’s web interface to perform unauthorized file and firmware uploads when crafting custom web...

CVE-2024-37038

CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated user with access to the device’s web interface to perform unauthorized file and firmware uploads when crafting custom web...

CVE-2024-37038

CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated user with access to the device’s web interface to perform unauthorized file and firmware uploads when crafting custom web...

CVE-2024-5056

CWE-552: Files or Directories Accessible to External Parties vulnerability exists which may prevent user to update the device firmware and prevent proper behavior of the webserver when specific files or directories are removed from the...

CVE-2024-5056

CWE-552: Files or Directories Accessible to External Parties vulnerability exists which may prevent user to update the device firmware and prevent proper behavior of the webserver when specific files or directories are removed from the...

CVE-2024-5056

CWE-552: Files or Directories Accessible to External Parties vulnerability exists which may prevent user to update the device firmware and prevent proper behavior of the webserver when specific files or directories are removed from the...

CVE-2024-5056

CWE-552: Files or Directories Accessible to External Parties vulnerability exists which may prevent user to update the device firmware and prevent proper behavior of the webserver when specific files or directories are removed from the...

Advantech iView ConfigurationServlet SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ConfigurationServlet servlet, which listens on TCP port 8080 by default. When....

JVN#25594256: Denial-of-service (DoS) vulnerability in IPCOM WAF function

WAF function of IPCOM provided by Fsas Technologies Inc. contains a denial-of-service (DoS) vulnerability (CWE-908). ## Impact If the product receives a specially crafted packet by an attacker, the system may be rebooted or suspended. ## Solution Update the firmware Update the firmware to the...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6819-3)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6819-3 advisory. Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel-firmware-nvidia-gspx-G06, nvidia-open-driver-G06-signed (SUSE-SU-2024:1990-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1990-1 advisory. Security Update 550.90.07: - CVE-2024-0090: Fixed out of bounds write (bsc#1223356). -...

Ubuntu: Security Advisory (USN-6819-2)

The remote host is missing an update for...

linux-aws, linux-oracle vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-6356, CVE-2023-6535, CVE-2023-6536)...

CVE-2024-36650

TOTOLINK AC1200 Wireless Dual Band Gigabit Router firmware A3100R V4.1.2cu.5247_B20211129, in the cgi function setNoticeCfg of the file /lib/cste_modules/system.so, the length of the user input string NoticeUrl is not checked. This can lead to a buffer overflow, allowing attackers to construct...

CVE-2024-36650

TOTOLINK AC1200 Wireless Dual Band Gigabit Router firmware A3100R V4.1.2cu.5247_B20211129, in the cgi function setNoticeCfg of the file /lib/cste_modules/system.so, the length of the user input string NoticeUrl is not checked. This can lead to a buffer overflow, allowing attackers to construct...

CVE-2022-40225

A vulnerability has been identified in SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.4.8). Casting an internal value could lead to floating point exception under certain circumstances. This could allow an attacker to cau...

Top 10 Critical Pentest Findings 2024: What You Need to Know

One of the most effective ways for information technology (IT) professionals to uncover a company's weaknesses before the bad guys do is penetration testing. By simulating real-world cyberattacks, penetration testing, sometimes called pentests, provides invaluable insights into an organization's...

QR code SQL injection and other vulnerabilities in a popular biometric terminal

Biometric scanners offer a unique way to resolve the conflict between security and usability. They help to identify a person by their unique biological characteristics – a fairly reliable process that does not require the user to exert any extra effort. Yet, biometric scanners, as any other tech,.....

June 11, 2024—KB5039227 (OS Build 20348.2527)

June 11, 2024—KB5039227 (OS Build 20348.2527) For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find out when.....

June 11, 2024—KB5039213 (OS Build 22000.3019)

June 11, 2024—KB5039213 (OS Build 22000.3019) For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 21H2, see its update history page. Note Follow @WindowsUpdate to find out.....

Zyxel NAS Pre-Auth Command Injection vulnerability (CVE-2023-27992)

The Zyxel NAS is potentially affected by a pre-authentication command injection vulnerability. This Zyxel device firmware is missing authentication logic which could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device. Note that...

CVE-2024-36650

TOTOLINK AC1200 Wireless Dual Band Gigabit Router firmware A3100R V4.1.2cu.5247_B20211129, in the cgi function setNoticeCfg of the file /lib/cste_modules/system.so, the length of the user input string NoticeUrl is not checked. This can lead to a buffer overflow, allowing attackers to construct...

Ubuntu 23.10 : Linux kernel vulnerabilities (USN-6819-2)

The remote Ubuntu 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6819-2 advisory. Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference...

AMD SPI Lock Bypass June 2024 Security Update

AMD has informed HP of a potential weakness in AMD SPI protection features, which might allow arbitrary code execution. AMD is releasing firmware updates and HP is enabling AMD ROM Armor to mitigate these vulnerabilities. AMD has released updates to mitigate the potential vulnerability. HP has...

CVE-2024-36650

TOTOLINK AC1200 Wireless Dual Band Gigabit Router firmware A3100R V4.1.2cu.5247_B20211129, in the cgi function setNoticeCfg of the file /lib/cste_modules/system.so, the length of the user input string NoticeUrl is not checked. This can lead to a buffer overflow, allowing attackers to construct...

Ubuntu: Security Advisory (USN-6818-2)

The remote host is missing an update for...

CVE-2022-37020

Potential vulnerabilities have been identified in the system BIOS for certain HP PC products, which might allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential...

CVE-2022-37020

Potential vulnerabilities have been identified in the system BIOS for certain HP PC products, which might allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential...

CVE-2022-37019

Potential vulnerabilities have been identified in the system BIOS for certain HP PC products which may allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential...

CVE-2022-37019

Potential vulnerabilities have been identified in the system BIOS for certain HP PC products which may allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential...

CVE-2022-37020 HP PC BIOS May 2024 Security Updates for Potential Stack Buffer Overflows

Potential vulnerabilities have been identified in the system BIOS for certain HP PC products, which might allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential...

CVE-2022-37019 HP PC BIOS May 2024 Security Updates for Potential Stack Buffer Overflows

Potential vulnerabilities have been identified in the system BIOS for certain HP PC products which may allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential...