CWE-1299
10 CVEs classified under CWE-1299. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-35998 | High | 7.9 | 2026-02-10 | Missing protection mechanism for alternate hardware interface in the Intel(R) Quick Assist Technology for some Intel(R) Platforms within Ring 0: Kernel may all… |
CVE-2025-1073 | High | 7.5 | 2025-04-10 | Panasonic IR Control Hub (IR Blaster) versions 1.17 and earlier may allow an attacker with physical access to load unauthorized firmware onto the device. |
CVE-2025-41697 | Medium | 6.8 | 2025-12-09 | An attacker can use an undocumented UART port on the PCB as a side-channel to get root access e.g. with the credentials obtained from CVE-2025-41692. |
CVE-2021-3788 | Medium | 6.8 | 2021-11-12 | An exposed debug interface was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with physical access unauthorized access… |
CVE-2023-29060 | Medium | 5.4 | 2023-11-28 | The FACSChorus workstation operating system does not restrict what devices can interact with its USB ports. If exploited, a threat actor with physical access t… |
CVE-2022-43557 | Medium | 5.3 | 2022-12-05 | The BD BodyGuard™ infusion pumps specified allow for access through the RS-232 (serial) port interface. If exploited, threat actors with physical access, speci… |
CVE-2024-39723 | Medium | 4.6 | 2024-07-08 | IBM FlashSystem 5300 USB ports may be usable even if the port has been disabled by the administrator. A user with physical access to the system could use the U… |
CVE-2023-29063 | Low | 2.4 | 2023-11-28 | The FACSChorus workstation does not prevent physical access to its PCI express (PCIe) slots, which could allow a threat actor to insert a PCI card designed for… |
CVE-2025-26409 | | 2025-02-11 | A serial interface can be accessed with physical access to the PCB of Wattsense Bridge devices. After connecting to the interface, access to the bootloader is… | |
CVE-2024-47944 | | 2024-10-15 | The device directly executes .patch firmware upgrade files on a USB stick without any prior authentication in the admin interface. This leads to an unauthentic… |