Security
Headlines
HeadlinesLatestCVEs

Tag

#bios

Critical 'LogoFAIL' Bugs Offer Secure Boot Bypass for Millions of PCs

Hundreds of consumer and enterprise-grade x86 and ARM models from various vendors, including Intel, Acer, and Lenovo, are potentially vulnerable to bootkits and takeover.

DARKReading
#vulnerability#ios#dos#intel#lenovo#bios#acer#samsung#auth
CVE-2023-29060: BD FACSChorus Vulnerabilities - Software and Workstation

The FACSChorusâ„¢ workstation operating system does not restrict what devices can interact with its USB ports. If exploited, a threat actor with physical access to the workstation could gain access to system information and potentially exfiltrate data.

CVE-2023-32469: DSA-2023-223: Security Update for a Dell Precision Tower BIOS Vulnerability

Dell Precision Tower BIOS contains an Improper Input Validation vulnerability. A locally authenticated malicious user with admin privileges could potentially exploit this vulnerability to perform arbitrary code execution.

CVE-2023-39535

AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity and availability.

CVE-2023-34431

Improper input validation in some Intel(R) Server Board BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access

CVE-2023-22329

Improper input validation in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via adjacent access.

CVE-2023-47800

Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the Microsoft SQL Server service sa account, allowing a threat actor to perform remote code execution, data exfiltration, or other nefarious actions such as tampering with data or destroying/disrupting MSSQL services.

CVE-2023-5078: Multi-vendor BIOS Security Vulnerabilities (October 2023) - Lenovo Support US

A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated privileges to tamper with BIOS firmware.

This Is the Ops Manual for the Most Tech-Savvy Animal Liberation Group in the US

For the first time, guerrilla animal rights group Direct Action Everywhere reveals a guide to its investigative tactics and toolkit, from spy cams to night vision and drones.

Hacker Leaks 35 Million Scraped LinkedIn User Records

By Waqas The hacker responsible for this leak is the same individual who previously leaked databases from InfraGard and Twitter. This is a post from HackRead.com Read the original post: Hacker Leaks 35 Million Scraped LinkedIn User Records