Page 13 of 91 results (0.008 seconds)

CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0

Insecure inherited permissions in the Intel(R) PROSet/Wireless WiFi software installer for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access. Unos permisos heredados no seguros en el instalador del software Intel(R) PROSet/Wireless WiFi para Windows 10 versiones anteriores a 22.40, pueden permitir a un usuario autenticado habilitar potencialmente una escalada de privilegios por medio de un acceso local • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00509.html • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 7.3EPSS: 0%CPEs: 10EXPL: 0

Insecure inherited permissions in some Intel(R) ProSet/Wireless WiFi drivers may allow an authenticated user to potentially enable information disclosure and denial of service via adjacent access. Unos permisos heredados no seguros en algunos controladores Intel® ProSet/Wireless WiFi pueden permitir a un usuario autenticado habilitar potencialmente una divulgación de información y una denegación de servicio por medio de un acceso adyacente • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00472.html • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 5.4EPSS: 0%CPEs: 32EXPL: 0

Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN. Un emparejamiento de código PIN BR/EDR heredado de Bluetooth en Bluetooth Core Specification versiones 1.0B hasta 5.2, puede permitir a un dispositivo cercano no autenticado falsificar el BD_ADDR del dispositivo peer para completar el emparejamiento sin conocer el PIN A vulnerability was found in Linux Kernel, where Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack. When an attacker connects to a victim device using the address of the device and the victim initiates a Pairing, the attacker can reflect the encrypted nonce even without knowledge of the key. • https://kb.cert.org/vuls/id/799380 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NSS6CTGE4UGTJLCOZOASDR3T3SLL6QJZ https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00520.html https://access.redhat.com/security/cve/CVE-2020-26555 https://bugzilla.redhat.com/show_bug.cgi?id=1918601 • CWE-400: Uncontrolled Resource Consumption CWE-863: Incorrect Authorization •

CVSS: 4.3EPSS: 0%CPEs: 34EXPL: 0

Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time. El emparejamiento seguro de Bluetooth LE y BR/EDR en Bluetooth Core Specification versiones 2.1 hasta 5.2, puede permitir a un atacante de tipo man-in-the-middle cercano identificar el Passkey usada durante el emparejamiento (en el procedimiento de autenticación de Passkey) mediante el reflejo de la clave pública y la evidencia de autenticació del dispositivo de inicio, potencialmente permitiendo a este atacante completar el emparejamiento autenticado con el dispositivo que responde usando la contraseña correcta para la sesión de emparejamiento. La metodología de ataque determina el valor de la Clave un bit a la vez A vulnerability was found in the bluez, where Passkey Entry protocol used in Secure Simple Pairing (SSP), Secure Connections (SC) and LE Secure Connections (LESC) of the Bluetooth Core Specification is vulnerable to an impersonation attack where an active attacker can impersonate the initiating device without any previous knowledge. • https://kb.cert.org/vuls/id/799380 https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html https://lists.debian.org/debian-lts-announce/2021/06/msg00022.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NSS6CTGE4UGTJLCOZOASDR3T3SLL6QJZ https://security.gentoo.org/glsa/202209-16 https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security ht • CWE-287: Improper Authentication •

CVSS: 5.3EPSS: 0%CPEs: 330EXPL: 0

An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients. Se detectó un problema en el kernel en NetBSD versión 7.1. Un punto de acceso (AP) reenvía tramas EAPOL a otros clientes aunque el remitente aún no se haya autenticado con éxito en el AP. • http://www.openwall.com/lists/oss-security/2021/05/11/12 https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu https://www.arista.com/en/support/advisories-notices/security-advisories/12602-s • CWE-287: Improper Authentication CWE-829: Inclusion of Functionality from Untrusted Control Sphere •