Vulnerabilities > Insecure Default Initialization of Resource

DATE CVE VULNERABILITY TITLE RISK
2021-11-18 CVE-2021-35535 Insecure Default Initialization of Resource vulnerability in Hitachienergy products
Insecure Boot Image vulnerability in Hitachi Energy Relion Relion 670/650/SAM600-IO series allows an attacker who manages to get access to the front network port and to cause a reboot sequences of the device may exploit the vulnerability, where there is a tiny time gap during the booting process where an older version of VxWorks is loaded prior to application firmware booting, could exploit the vulnerability in the older version of VxWorks and cause a denial-of-service on the product.
network
high complexity
hitachienergy CWE-1188
8.1
2021-11-04 CVE-2021-34795 Insecure Default Initialization of Resource vulnerability in Cisco products
Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network (PON) Series Switches Optical Network Terminal (ONT) could allow an unauthenticated, remote attacker to perform the following actions: Log in with a default credential if the Telnet protocol is enabled Perform command injection Modify the configuration For more information about these vulnerabilities, see the Details section of this advisory.
network
low complexity
cisco CWE-1188
critical
9.8
2021-10-08 CVE-2021-42109 Insecure Default Initialization of Resource vulnerability in Vitec products
VITEC Exterity IPTV products through 2021-04-30 allow privilege escalation to root.
network
low complexity
vitec CWE-1188
critical
9.8
2021-09-17 CVE-2021-40825 Insecure Default Initialization of Resource vulnerability in Acuitybrands Nlight Eclypse System Controller Firmware
nLight ECLYPSE (nECY) system Controllers running software prior to 1.17.21245.754 contain a default key vulnerability.
network
low complexity
acuitybrands CWE-1188
8.6
2021-08-16 CVE-2021-0114 Insecure Default Initialization of Resource vulnerability in Intel products
Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.
local
low complexity
intel CWE-1188
6.7
2021-07-15 CVE-2020-12732 Insecure Default Initialization of Resource vulnerability in Depstech Wifi Digital Microscope 3 Firmware
DEPSTECH WiFi Digital Microscope 3 has a default SSID of Jetion_xxxxxxxx with a password of 12345678.
low complexity
depstech CWE-1188
6.5
2021-07-14 CVE-2021-0144 Insecure Default Initialization of Resource vulnerability in Intel products
Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged user to potentially enable an escalation of privilege via local access.
local
low complexity
intel CWE-1188
6.7
2021-07-01 CVE-2021-35336 Insecure Default Initialization of Resource vulnerability in Tieline IP Audtio Gateway Firmware 2.6.4.8
Tieline IP Audio Gateway 2.6.4.8 and below is affected by Incorrect Access Control.
network
low complexity
tieline CWE-1188
critical
9.8
2021-06-22 CVE-2021-0534 Insecure Default Initialization of Resource vulnerability in Google Android 11.0
In permission declarations of DeviceAdminReceiver.java, there is a possible lack of broadcast protection due to an insecure default value.
local
low complexity
google CWE-1188
7.8
2021-06-16 CVE-2021-34203 Insecure Default Initialization of Resource vulnerability in Dlink Dir-2640-Us Firmware 1.01B04
D-Link DIR-2640-US 1.01B04 is vulnerable to Incorrect Access Control.
low complexity
dlink CWE-1188
8.1