Secure Boot Stick (SBS)
by Ecos
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-12336 | Cri | 0.64 | 9.8 | 0.02 | Jun 17, 2018 | Undocumented Factory Backdoor in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows the vendor to extract confidential information via remote root SSH access. | ||
| CVE-2018-12333 | Hig | 0.53 | 8.1 | 0.00 | Jun 17, 2018 | Insufficient Verification of Data Authenticity vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to manipulate security relevant configurations and execute malicious code. | ||
| CVE-2018-12330 | Hig | 0.53 | 8.1 | 0.01 | Jun 17, 2018 | Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to compromise authentication and encryption keys via compromised firmware. | ||
| CVE-2018-12334 | Hig | 0.49 | 7.5 | 0.01 | Jun 17, 2018 | Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to compromise authentication and encryption keys via a virtualization attack. | ||
| CVE-2018-12337 | Med | 0.30 | 4.6 | 0.00 | Jun 17, 2018 | Reliance on Security Through Obscurity vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to partially extract confidential configurations via user-space emulation. | ||
| CVE-2018-12332 | Med | 0.27 | 4.2 | 0.00 | Jun 17, 2018 | Incomplete Cleanup vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to compromise authentication and encryption keys via a compromised host PC after a reset. |
- risk 0.64cvss 9.8epss 0.02
Undocumented Factory Backdoor in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows the vendor to extract confidential information via remote root SSH access.
- risk 0.53cvss 8.1epss 0.00
Insufficient Verification of Data Authenticity vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to manipulate security relevant configurations and execute malicious code.
- risk 0.53cvss 8.1epss 0.01
Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to compromise authentication and encryption keys via compromised firmware.
- risk 0.49cvss 7.5epss 0.01
Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to compromise authentication and encryption keys via a virtualization attack.
- risk 0.30cvss 4.6epss 0.00
Reliance on Security Through Obscurity vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to partially extract confidential configurations via user-space emulation.
- risk 0.27cvss 4.2epss 0.00
Incomplete Cleanup vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to compromise authentication and encryption keys via a compromised host PC after a reset.