Monthly
Remote code execution in dfir-unfurl versions through 20250810 via exposed Werkzeug debugger. Improper string-based config parsing enables Flask debug mode by default, allowing unauthenticated remote attackers to access the interactive debugger interface and execute arbitrary Python code or extract sensitive application data including source code, environment variables, and stack traces. No public exploit identified at time of analysis.
Gardyn Cloud API exposes development and test endpoints that mirror production functionality, allowing unauthenticated remote attackers to access sensitive information with low complexity. This information disclosure vulnerability (CVSS 6.9) affects all versions of Gardyn Cloud API and has been documented by CISA ICS in advisory ICSA-26-055-03; no public exploit code or active exploitation has been identified at the time of analysis.
The GREEN HOUSE CO., LTD. Digital Photo Frame GH-WDF10A contains active debug code that allows unauthenticated local attackers to read or write arbitrary files and execute commands with root privileges. This vulnerability affects all versions of the GH-WDF10A model and represents a critical local privilege escalation risk for any user with physical or network access to the device. While the CVSS score of 6.8 reflects medium severity due to the physical access requirement, the ability to achieve root code execution makes this a significant concern for device owners and enterprise deployments.
The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Rated low severity (CVSS 3.7), this vulnerability is no authentication required.
Smart Video Doorbell firmware versions prior to 2.01.078 contain an active debug code vulnerability that allows an attacker to connect via Telnet and gain access to the device. Rated high severity (CVSS 8.6), this vulnerability is low attack complexity. No vendor patch available.
An active debug code vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.10, FortiClientWindows 7.0 all versions may allow a local attacker to run. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Active debug code for some Intel UEFI reference platforms within Ring 0: Kernel may allow a denial of service and escalation of privilege. Rated high severity (CVSS 8.3), this vulnerability is low attack complexity. No vendor patch available.
There is a possible escalation of privilege due to test/debugging code left in a production build. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Information disclosure while capturing logs as eSE debug messages are logged. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
An open debug interface was reported in the Legion Space software included on certain Legion devices that could allow a local attacker to execute arbitrary code. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.
Remote code execution in dfir-unfurl versions through 20250810 via exposed Werkzeug debugger. Improper string-based config parsing enables Flask debug mode by default, allowing unauthenticated remote attackers to access the interactive debugger interface and execute arbitrary Python code or extract sensitive application data including source code, environment variables, and stack traces. No public exploit identified at time of analysis.
Gardyn Cloud API exposes development and test endpoints that mirror production functionality, allowing unauthenticated remote attackers to access sensitive information with low complexity. This information disclosure vulnerability (CVSS 6.9) affects all versions of Gardyn Cloud API and has been documented by CISA ICS in advisory ICSA-26-055-03; no public exploit code or active exploitation has been identified at the time of analysis.
The GREEN HOUSE CO., LTD. Digital Photo Frame GH-WDF10A contains active debug code that allows unauthenticated local attackers to read or write arbitrary files and execute commands with root privileges. This vulnerability affects all versions of the GH-WDF10A model and represents a critical local privilege escalation risk for any user with physical or network access to the device. While the CVSS score of 6.8 reflects medium severity due to the physical access requirement, the ability to achieve root code execution makes this a significant concern for device owners and enterprise deployments.
The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Rated low severity (CVSS 3.7), this vulnerability is no authentication required.
Smart Video Doorbell firmware versions prior to 2.01.078 contain an active debug code vulnerability that allows an attacker to connect via Telnet and gain access to the device. Rated high severity (CVSS 8.6), this vulnerability is low attack complexity. No vendor patch available.
An active debug code vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.10, FortiClientWindows 7.0 all versions may allow a local attacker to run. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Active debug code for some Intel UEFI reference platforms within Ring 0: Kernel may allow a denial of service and escalation of privilege. Rated high severity (CVSS 8.3), this vulnerability is low attack complexity. No vendor patch available.
There is a possible escalation of privilege due to test/debugging code left in a production build. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Information disclosure while capturing logs as eSE debug messages are logged. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
An open debug interface was reported in the Legion Space software included on certain Legion devices that could allow a local attacker to execute arbitrary code. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.