CWE-1274
9 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-1274page 1 of 1
- CVE-2022-2482HIGHCVSS 8.4EG 8.82023-01-06
A vulnerability exists in Nokia’s ASIK AirScale system module (versions 474021A.101 and 474021A.102) that could allow an attacker to place a script on the file system accessible from Linux. A script placed in the appropriate place could…
- CVE-2022-2484HIGHCVSS 8.4EG 7.82023-01-06
The signature check in the Nokia ASIK AirScale system module version 474021A.101 can be bypassed allowing an attacker to run modified firmware. This could result in the execution of a malicious kernel, arbitrary programs, or modified No…
- CVE-2023-31345HIGHCVSS 7.5EG 7.52025-02-12
Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.
- CVE-2024-36345MEDIUMCVSS 4.6EG 4.62026-05-15
Improper input validation in the AMD OverDrive (AOD) System Management Mode (SMM) module could allow a privileged attacker to perform an out-of-bounds read, potentially resulting in loss of confidentiality.
- CVE-2025-29950HIGHCVSS 7.1EG 7.12026-02-10
Improper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution.
- CVE-2025-4043MEDIUMCVSS 6.8EG 6.82025-05-07
An admin user can gain unauthorized write access to the /etc/rc.local file on the device, which is executed on a system boot.
- CVE-2025-59404HIGHCVSS 7.5EG 7.52025-09-25
Flock Safety Bravo Edge AI Compute Device BRAVO_00.00_local_20241017 ships with its bootloader unlocked. This permits bypass of Android Verified Boot (AVB) and allows direct modification of partitions.
- CVE-2025-59694MEDIUMCVSS 6.8EG 6.82025-12-02
The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allows a physically proximate attacker to persistently modify firmware and influence the (insecurely configured) appliance b…
- CVE-2025-65396MEDIUMCVSS 6.1EG 6.12026-01-14
A vulnerability in the boot process of Blurams Flare Camera version 24.1114.151.929 and earlier allows a physically proximate attacker to hijack the boot mechanism and gain a bootloader shell via the UART interface. This is achieved by ind…
Map vulnerabilities like CWE-1274 to your infrastructure
EchelonGraph correlates every CVE — across CWE-1274 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →