IoT Product Security Knowledge Hub

CVE-2023-31070 Broadcom BCM47xx SDK EMF slab-out-of-bounds write - the uncomfortable reality of the IoT Linux kernel space

CVE-2023-31070 Broadcom BCM47xx SDK EMF slab-out-of-bounds write - the uncomfortable reality of the IoT Linux kernel space

picture of the authorAttila Szász May 18, 2023 11 mins read

Exploring the Impact of CVE-2023-31070: A Deep Dive into Broadcom BCM47xx SDK, found by Attila Szasz with BugProve's engine.

IoT Bug Bounty Hunting using BugProve

IoT Bug Bounty Hunting using BugProve

picture of the authorGábor Selján May 15, 2023 4 mins read

A short guide on how to use BugProve's proprietary PRIS engine to scan and evaluate firmware for unknown security vulnerabilities - so you can start your bug bounty journey now!

Product Update #3

Product Update #3

picture of the authorBálint Jánvári May 10, 2023 2 mins read

Announcing our first AI powered feature, helping you understand and fix issues faster.

Product Update #2

Product Update #2

picture of the authorBálint Jánvári April 25, 2023 2 mins read

A smaller one this time, focused on one much requested feature: shareable reports.

Your Resource Directory for IoT Security

Your Resource Directory for IoT Security

picture of the authorGergő Hosszú April 21, 2023 14 mins read

Check out our collection of books, podcasts, youtube channels, and other educational materials on IoT security and pentesting.

Product Update #1

Product Update #1

picture of the authorBálint Jánvári April 11, 2023 3 mins read

This is the first major update to our platform, and we are excited to give you a brief overview of the changes.

7 Questions and Answers about Firmware and Firmware Security

7 Questions and Answers about Firmware and Firmware Security

picture of the authorAttila Szász April 4, 2023 25 mins read

Discover the ins and outs of firmware security with this all-encompassing guide, including vulnerabilities, encryption, and best practices.

Enhancing Device Security beyond Firmware Encryption

Enhancing Device Security beyond Firmware Encryption

picture of the authorGergő Hosszú March 21, 2023 11 mins read

Learn about the limitations of firmware encryption and the risks of firmware hacking techniques that can bypass this security measure

EU Cyber Resilience Act (CRA) - All you need to know in a nutshell

EU Cyber Resilience Act (CRA) - All you need to know in a nutshell

picture of the authorJonatán Bodó March 8, 2023 4 mins read

The issue of low cybersecurity standards that plagued the IoT sector for years is going to be solved. Well, not at once, but we are making steps in the right direction.

Launching our Free Plan!

Launching our Free Plan!

picture of the authorAttila Szász February 15, 2023 2 mins read

We want to show you the full potential of our zero-day vulnerability discovery and firmware analysis features, so we made sure the results you get are completely available in our Free Plan as well.

CVE-2022-24942 Heap-based buffer overflow in Silicon Labs Gecko SDK

CVE-2022-24942 Heap-based buffer overflow in Silicon Labs Gecko SDK

picture of the authorAttila Szász February 14, 2023 8 mins read

An overview of the vulnerabilities found by BugProve in the SDK of Silicon Labs