Ressourcen
>
Research

Research Blog

Bleiben Sie mit den neuesten Sicherheitshinweisen, Schwachstellenberichten und Plattformentwicklungen auf dem Laufenden — damit Ihre Produkte sicher und konform sind.

Ausgewählte Forschungsartikel

Security Advisory: Unauthenticated Command Injection in Mitel IP Phones
Research
Nov 17, 2024
15
min. Lesezeit

Security Advisory: Unauthenticated Command Injection in Mitel IP Phones

Discover critical vulnerabilities in Mitel SIP phones that allow unauthenticated command injection. Learn how outdated input parsing can expose your devices and why it's essential to scan firmware for security risks. Protect your network with our in-depth analysis and expert takeaways.

Denys Vozniuk
Denys Vozniuk
Security Consultant
Mehr lesen
The X in XFTP Stands For eXecute
Research
Jul 8, 2024
6
min. Lesezeit

The X in XFTP Stands For eXecute

Find out how our platform enhances firmware security by identifying vulnerabilities & bugs in ICT products, ensuring compliance with DORA & NIS2 directive.

Mehr lesen
Security Advisory: Arbitrary Command Execution on TP-Link Archer C5400X
Research
May 26, 2024
5
min. Lesezeit

Security Advisory: Arbitrary Command Execution on TP-Link Archer C5400X

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in the TP-Link Archer C5400X router. Learn about the risks and recommended actions.

Mehr lesen
Security Advisory: Remote Code Execution in Ligowave Devices
Research
May 13, 2024
3
min. Lesezeit

Security Advisory: Remote Code Execution in Ligowave Devices

Explore the security advisory detailing remote code execution vulnerabilities in Ligowave devices. Learn about the risks & recommended protections.

Mehr lesen
Bisherige
Weiter

Alle Forschungsartikel

Making TOCTOU Great again - X(R)IP
Research
Oct 19, 2023
7
min. Lesezeit

Making TOCTOU Great again - X(R)IP

ONEKEY Seucrity Insight: Delve into TOCTOU vulnerabilities in embedded systems utilizing XiP. Discover how these gaps at the hardware level can compromise secure boot processes.

Mehr lesen
Security Advisory: Clock Fault Injection on Mocor OS - Password Bypass
Research
Aug 8, 2023
4
min. Lesezeit

Security Advisory: Clock Fault Injection on Mocor OS - Password Bypass

Discover the critical vulnerabilty in the Mocor OS on UNISOC SC6531E devices that allows unauthorised users to bypass locks via clock fault injection.

Mehr lesen
Security Advisory: Unauthenticated Remote Command Execution in Multiple WAGO Products
Research
May 15, 2023
4
min. Lesezeit

Security Advisory: Unauthenticated Remote Command Execution in Multiple WAGO Products

Security Advisory: Critical unauthenticated command injection vulnerability in the "Legal Information" plugin of the WAGO Series PFC100 web interface.

Mehr lesen
Latest Developments in Unblob (2)
Research
May 8, 2023
min. Lesezeit

Latest Developments in Unblob (2)

Revolutionize firmware extraction with UNBLOB! Discover the latest developments & advancements in this cutting-edge project. Don't miss latest blog post!

Mehr lesen
Leveraging ChatGPT to build a Hardware Fault Injection Tool. 
Research
Apr 26, 2023
19
min. Lesezeit

Leveraging ChatGPT to build a Hardware Fault Injection Tool. 

This security insight explores the process of building an AI-assisted Teensy-based fault injection framework for testing system security. Learn more here!

Mehr lesen
Security Advisory: Multiple Vulnerabilities in Phoenix Contact Routers
Research
Mar 27, 2023
3
min. Lesezeit

Security Advisory: Multiple Vulnerabilities in Phoenix Contact Routers

Authenticated users can execute arbitrary commands with elevated privileges or access any file on the system. Read the latest security advisory here!

Mehr lesen
Security Advisory: Multiple Vulnerabilities in NetModule Routers
Research
Feb 23, 2023
3
min. Lesezeit

Security Advisory: Multiple Vulnerabilities in NetModule Routers

Multiple vulnerabilities identified in NetModule industrial routers. Are your industrial routers safe? Read the latest security advisory now!

Mehr lesen
ClamAV Critical Patch Review
Research
Feb 20, 2023
7
min. Lesezeit

ClamAV Critical Patch Review

In this technical deep dive, ONEKEY explores the underlying issues fixed by the recent critical patch released by ClamAV. 👉

Mehr lesen
Security Advisory: Remote Command Execution in binwalk
Research
Jan 30, 2023
7
min. Lesezeit

Security Advisory: Remote Command Execution in binwalk

Learn about the security vulnerability in binwalk v2.1.2b-2.3.3 that allows malicious PFS file extraction and remote code execution. 👉

Mehr lesen
Schauen Sie sich Whitepapers an

Schauen Sie sich Whitepapers an

Lesen Sie ausführliche Whitepapers zu Cybersicherheit und Compliance, die darauf ausgelegt sind, die Sicherheit und Compliance Ihres Produkts zu verbessern.

Treffen Sie uns auf Veranstaltungen

Treffen Sie uns auf Veranstaltungen

Nehmen Sie an branchenführenden Veranstaltungen teil und tauschen Sie sich persönlich mit unseren Experten aus, um zu erfahren, wie Sie Ihre Cybersicherheits- und Compliance-Strategien verbessern können.

Einblicke aus unserem Blog

Einblicke aus unserem Blog

Holen Sie sich Expertentipps und Branchen-Updates.
In unserem Blog finden Sie praktische Ratschläge, Trends und Lösungen, die Ihnen helfen, sicher und konform zu bleiben.

Bereit zur automatisierung ihrer Cybersicherheit & Compliance?

Machen Sie Cybersicherheit und Compliance mit ONEKEY effizient und effektiv.

Eine Demo buchen