Vulnerabilities > Protection Mechanism Failure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-31 | CVE-2018-9320 | Protection Mechanism Failure vulnerability in BMW Head Unit HU NBT Firmware The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a local attack when a USB device is plugged in. | 7.8 |
| 2018-05-31 | CVE-2018-9318 | Protection Mechanism Failure vulnerability in BMW Telematics Control Unit Firmware The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW vehicles produced in 2012 through 2018, allows a remote attack via a cellular network. | 9.8 |
| 2018-05-31 | CVE-2018-9314 | Protection Mechanism Failure vulnerability in BMW Head Unit HU NBT Firmware The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows an attack by an attacker who has direct physical access. | 6.8 |
| 2018-05-31 | CVE-2018-9313 | Protection Mechanism Failure vulnerability in BMW Head Unit HU NBT Firmware The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a remote attack via Bluetooth when in pairing mode, leading to a Head Unit reboot. | 5.3 |
| 2018-05-31 | CVE-2018-9312 | Protection Mechanism Failure vulnerability in BMW Head Unit HU NBT Firmware The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a local attack when a USB device is plugged in. | 7.8 |
| 2018-05-31 | CVE-2018-9311 | Protection Mechanism Failure vulnerability in BMW Telematics Control Unit Firmware The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW vehicles produced in 2012 through 2018, allows a remote attack via a cellular network. | 9.8 |
| 2018-05-17 | CVE-2018-0326 | Protection Mechanism Failure vulnerability in Cisco Telepresence Tx9000 Firmware 10.0(2.98000.99) A vulnerability in the web UI of Cisco TelePresence Server Software could allow an unauthenticated, remote attacker to conduct a cross-frame scripting (XFS) attack against a user of the web UI of the affected software. | 6.1 |
| 2018-05-17 | CVE-2018-0297 | Protection Mechanism Failure vulnerability in Cisco Firepower Threat Defense A vulnerability in the detection engine of Cisco Firepower Threat Defense software could allow an unauthenticated, remote attacker to bypass a configured Secure Sockets Layer (SSL) Access Control (AC) policy to block SSL traffic. | 5.8 |
| 2018-05-02 | CVE-2018-0250 | Protection Mechanism Failure vulnerability in Cisco Aironet Access Point Software 8.2(160.0)/8.4(100.0)/8.7(1.3) A vulnerability in Central Web Authentication (CWA) with FlexConnect Access Points (APs) for Cisco Aironet 1560, 1810, 1810w, 1815, 1830, 1850, 2800, and 3800 Series APs could allow an authenticated, adjacent attacker to bypass a configured FlexConnect access control list (ACL). | 4.1 |
| 2018-04-19 | CVE-2018-0254 | Protection Mechanism Failure vulnerability in Cisco Firepower Threat Defense A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass configured file action policies if an Intelligent Application Bypass (IAB) with a drop percentage threshold is also configured. | 5.3 |