VYPR

Secure Boot Stick (SBS)

by Ecos

CVEs (6)

  • CVE-2018-12336CriJun 17, 2018
    risk 0.64cvss 9.8epss 0.02

    Undocumented Factory Backdoor in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows the vendor to extract confidential information via remote root SSH access.

  • CVE-2018-12333HigJun 17, 2018
    risk 0.53cvss 8.1epss 0.00

    Insufficient Verification of Data Authenticity vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to manipulate security relevant configurations and execute malicious code.

  • CVE-2018-12330HigJun 17, 2018
    risk 0.53cvss 8.1epss 0.01

    Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to compromise authentication and encryption keys via compromised firmware.

  • CVE-2018-12334HigJun 17, 2018
    risk 0.49cvss 7.5epss 0.01

    Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to compromise authentication and encryption keys via a virtualization attack.

  • CVE-2018-12337MedJun 17, 2018
    risk 0.30cvss 4.6epss 0.00

    Reliance on Security Through Obscurity vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to partially extract confidential configurations via user-space emulation.

  • CVE-2018-12332MedJun 17, 2018
    risk 0.27cvss 4.2epss 0.00

    Incomplete Cleanup vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to compromise authentication and encryption keys via a compromised host PC after a reset.