Headline

CVE-2021-4228

Use of hard-coded TLS certificate by default allows an attacker to perform Man-in-the-Middle (MitM) attacks even in the presence of the HTTPS connection. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.00.0.

1 year ago

CVE

Open in Source

#ssl

Over a dozen security flaws have been discovered in baseboard management controller (BMC) firmware from Lanner that could expose operational technology (OT) and internet of things (IoT) networks to remote attacks. BMC refers to a specialized service processor, a system-on-chip (SoC), that's found in server motherboards and is used for remote monitoring and management of a host system, including

1 year ago

The Hacker News

Open in Source

#vulnerability #web #intel #rce #buffer_overflow #auth #The Hacker News

Over a Dozen New BMC Firmware Flaws Expose OT and IoT Devices to Remote Attacks

1 year ago

The Hacker News

Open in Source

#vulnerability #web #intel #rce #buffer_overflow #auth #The Hacker News

CVE-2021-4228: spx_restservice SubNet_handler_func Multiple Command Injections and Stack-Based Buffer Overflows – Nozomi Networks

1 year ago

CVE

Open in Source

#vulnerability #intel #buffer_overflow #auth #ssl

CVE-2021-45925: Vulnerabilities in BMC Firmware Affect OT/IoT Device Security – Part 1

Observable discrepancies in the login process allow an attacker to guess legitimate user names registered in the BMC. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0.

1 year ago

CVE

Open in Source