Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
physical vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv3
CVE-2023-30560
The configuration from the PCU can be modified without authentication using physical connection to the PCU.
Bd Alaris 8015 Pcu Firmware
6.8
CVSSv3
CVE-2023-42554
Improper Authentication vulnerabiity in Samsung Pass prior to version 4.3.00.17 allows physical malicious users to bypass authentication.
Samsung Pass
6.6
CVSSv3
CVE-2019-14716
Verifone VerixV Pinpad Payment Terminals with QT000530 have an undocumented physical access mode (aka VerixV shell.out).
Verifone Verix Os Qt000530
5.3
CVSSv3
CVE-2018-10219
baijiacms V3 has physical path leakage via an index.php?mod=mobile&name=member&do=index request.
Baijiacms Project Baijiacms 3.0
6.8
CVSSv3
CVE-2021-33150
Hardware allows activation of test or debug logic at runtime for some Intel(R) Trace Hub instances which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
Intel Core I7-6700k -
Intel Atom C2750 -
Intel Xeon D-2141i -
Intel Xeon D-2177nt -
Intel Xeon D-2161i -
Intel Xeon D-2143it -
Intel Xeon D-2146nt -
Intel Xeon D-2145nt -
Intel Xeon D-2123it -
Intel Xeon D-2173it -
Intel Xeon D-2187nt -
Intel Xeon D-2142it -
Intel Xeon D-2163it -
Intel Xeon D-2183it -
Intel Xeon D-2166nt -
Intel Celeron J4005 -
Intel Celeron N4000 -
Intel Celeron J4105 -
Intel Celeron J3355 -
Intel Celeron J3455 -
Intel Celeron J3060 -
Intel Celeron J3160 -
1 Article
6.8
CVSSv3
CVE-2018-17534
Teltonika RUT9XX routers with firmware prior to 00.04.233 provide a root terminal on a serial interface without proper access control. This allows attackers with physical access to execute arbitrary commands with root privileges.
Teltonika Rut900 Firmware
Teltonika Rut950 Firmware
Teltonika Rut955 Firmware
NA
CVE-2004-1038
A design error in the IEEE1394 specification allows attackers with physical access to a device to read and write to sensitive memory using a modified FireWire/IEEE 1394 client, thus bypassing intended restrictions that would normally require greater degrees of physical access to ...
Ieee Firewire Ieee 1394
6.8
CVSSv3
CVE-2023-20589
An attacker with specialized hardware and physical access to an impacted device may be able to perform a voltage fault injection attack resulting in compromise of the ASP secure boot potentially leading to arbitrary code execution.
Amd Ryzen 5 Pro 3400g Firmware -
Amd Ryzen 5 3400g Firmware -
Amd Ryzen 5 Pro 3400ge Firmware -
Amd Ryzen 5 Pro 3350g Firmware -
Amd Ryzen 5 Pro 3350ge Firmware -
Amd Ryzen 3 Pro 3200g Firmware -
Amd Ryzen 3 3200g Firmware -
Amd Ryzen 3 3200ge Firmware -
Amd Ryzen 3 Pro 3200ge Firmware -
Amd Ryzen 9 3950x Firmware -
Amd Ryzen 9 3900xt Firmware -
Amd Ryzen 9 3900x Firmware -
Amd Ryzen 9 3900 Firmware -
Amd Ryzen 7 3800xt Firmware -
Amd Ryzen 7 3800x Firmware -
Amd Ryzen 7 3700x Firmware -
Amd Ryzen 5 3600xt Firmware -
Amd Ryzen 5 3600x Firmware -
Amd Ryzen 5 3600 Firmware -
Amd Ryzen 5 3500x Firmware -
Amd Ryzen 5 3500 Firmware -
Amd Ryzen 3 3300x Firmware -
4.6
CVSSv3
CVE-2022-30730
Improper authorization in Samsung Pass before 1.0.00.33 allows physical malicious users to acess account list without authentication.
Samsung Samsung Pass
6.8
CVSSv3
CVE-2020-28096
FOSCAM FHD X1 1.14.2.4 devices allow attackers (with physical UART access) to login via the ipc.fos~ password.
Foscammall Foscam X1 Firmware 1.14.2.4
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »