Security
Headlines
HeadlinesLatestCVEs

Tag

#nokia

Blackmailing MoneyMonger Malware Hides in Flutter Mobile Apps

Money-lending apps built using the Flutter software development kit hide a predatory spyware threat and highlight a growing trend of using personal data for blackmail.

DARKReading
Open in Source
#android#google#intel#nokia
CVE-2021-0934: Android Security Bulletin—December 2022  |  Android Open Source Project

In findAllDeAccounts of AccountsDb.java, there is a possible denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-169762606

CVE-2021-1050: Android Security Bulletin—November 2022  |  Android Open Source Project

In MMU_UnmapPages of the PowerVR kernel driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-243825200

CISA Warns of Critical Vulnerabilities in 3 Industrial Control System Software

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published three Industrial Control Systems (ICS) advisories about multiple vulnerabilities in software from ETIC Telecom, Nokia, and Delta Industrial Automation. Prominent among them is a set of three flaws affecting ETIC Telecom's Remote Access Server (RAS), which "could allow an attacker to obtain sensitive information and

OneLayer Opens 5G Security Lab for Network Security Companies to Research Threats to Private Cellular Networks

Cybersecurity and telecom providers from around the world can now test their technologies and use cases in OneLayer's digital twin private network environment.

CVE-2022-20429: Android Automotive OS Update Bulletin—October 2022  |  Android Open Source Project

In CarSettings of app packages, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-220741473

CVE-2021-0696: Android Security Bulletin—October 2022  |  Android Open Source Project

In dllist_remove_node of TBD, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-242344778

This Vote Could Change the Course of Internet History

UN countries are preparing to pick a new head of the International Telecommunications Union. Who wins could shape the open web's future.

CVE-2022-38788: GitHub - ProxyStaffy/Nokia-FastMile-5G-Receiver-5G14-B

An issue was discovered in Nokia FastMile 5G Receiver 5G14-B 1.2104.00.0281. Bluetooth on the Nokia ODU uses outdated pairing mechanisms, allowing an attacker to passively intercept a paring handshake and (after offline cracking) retrieve the PIN and LTK (long-term key).