VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-202003-1737 CVE-2020-6203 SAP NetWeaver UDDI Server Past Traversal Vulnerability in CVSS V2: 6.4
CVSS V3: 9.1
Severity: CRITICAL
SAP NetWeaver UDDI Server (Services Registry), versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs, leading to Path Traversal. SAP NetWeaver UDDI Server (Services Registry) Exists in a past traversal vulnerability.Information may be obtained and tampered with
VAR-202003-0780 CVE-2019-19296 SiNVR 3 Central Control Server  and  Video Server  Past traversal vulnerability in CVSS V2: 4.9
CVSS V3: 8.1
Severity: HIGH
A vulnerability has been identified in SiNVR/SiVMS Video Server (All versions < V5.0.0). The two FTP services (default ports 21/tcp and 5411/tcp) of the SiVMS/SiNVR Video Server contain a path traversal vulnerability that could allow an authenticated remote attacker to access and download arbitrary files from the server, if the FTP services are enabled. SiNVR 3 Central Control Server (CCS) and Video Server Exists in a past traversal vulnerability.Information may be obtained and information may be tampered with. SiNVR 3 is a video management platform. SiNVR 3 has a path traversal vulnerability in its implementation
VAR-202003-1598 CVE-2020-6980 plural Rockwell Automation Vulnerability in plaintext storage of important information in products CVSS V2: 2.1
CVSS V3: 3.3
Severity: LOW
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, If Simple Mail Transfer Protocol (SMTP) account data is saved in RSLogix 500, a local attacker with access to a victim’s project may be able to gather SMTP server authentication data as it is written to the project file in cleartext. Rockwell Automation MicroLogix 1400 , MicroLogix 1100 controller, RSLogix 500 The software contains a vulnerability in the plaintext storage of important information.Information may be obtained. Rockwell Automation MicroLogix 1400 Controllers Series A and others are products of Rockwell Automation (USA). Rockwell Automation MicroLogix 1400 Controllers Series A is a programmable logic controller. MicroLogix 1100 Controllers is a programmable logic controller. RSLogix 500 Software is a set of programming software for industrial control systems. A number of Rockwell Automation products have information disclosure vulnerabilities. The vulnerability stems from the fact that the program writes the authentication data to the project file in clear text. The attacker can use this vulnerability to obtain SMTP server authentication data
VAR-202003-1459 CVE-2020-7579 Siemens Spectrum Power 5 Cross-Site Scripting Vulnerability CVSS V2: 4.3
CVSS V3: 6.1
Severity: MEDIUM
A vulnerability has been identified in Spectrum Power™ 5 (All versions < v5.50 HF02). The web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. User interaction is required for a successful exploitation. If deployed according to recommended system configuration, Siemens consideres the environmental vector as CR:L/IR:M/AR:H/MAV:A (4.1). Spectrum Power 5 Exists in a cross-site scripting vulnerability.Information may be obtained and tampered with. Siemens Spectrum Power is a system that provides basic components for SCADA, communication and data modeling of control and monitoring systems
VAR-202003-0886 CVE-2019-18336 Siemens SIMATIC S7-300 CPU and SINUMERIK Controller Resource Management Error Vulnerability CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.X.17), SIMATIC TDC CP51M1 (All versions < V1.1.8), SIMATIC TDC CPU555 (All versions < V1.1.1), SINUMERIK 840D sl (All versions < V4.8.6), SINUMERIK 840D sl (All versions < V4.94). Specially crafted packets sent to port 102/tcp (Profinet) could cause the affected device to go into defect mode. A restart is required in order to recover the system. Successful exploitation requires an attacker to have network access to port 102/tcp, with no authentication. No user interation is required. At the time of advisory publication no public exploitation of this security vulnerability was known. SIMATIC S7-300n and SINUMERIK 840D sl Exists in a resource exhaustion vulnerability.Service operation interruption (DoS) It may be put into a state. Siemens SIMATIC S7-300 CPU is a modular general-purpose controller for the manufacturing industry from Siemens. Siemens SIMATIC S7-300 CPU and SINUMERIK Controller have a resource management error vulnerability, which can be exploited by an attacker to cause a denial of service
VAR-202003-0782 CVE-2019-19298 SiNVR 3 Central Control Server and Video Server Input verification vulnerability in CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
A vulnerability has been identified in SiNVR/SiVMS Video Server (All versions < V5.0.0), SiNVR/SiVMS Video Server (All versions >= V5.0.0 < V5.0.2). The streaming service (default port 5410/tcp) of the SiVMS/SiNVR Video Server contains a input validation vulnerability, that could allow an unauthenticated remote attacker to cause a Denial-of-Service condition by sending malformed HTTP requests. SiNVR 3 Central Control Server (CCS) and Video Server There is an input verification vulnerability in.Service operation interruption (DoS) It may be put into a state. SiNVR 3 is a video management platform. SiNVR 3 has an input verification vulnerability in its implementation
VAR-202003-0781 CVE-2019-19297 SiNVR 3 Central Control Server and Video Server Past Traversal Vulnerability in CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
A vulnerability has been identified in SiNVR/SiVMS Video Server (All versions < V5.0.0). The streaming service (default port 5410/tcp) of the SiVMS/SiNVR Video Server contains a path traversal vulnerability, that could allow an unauthenticated remote attacker to access and download arbitrary files from the server. SiNVR 3 Central Control Server (CCS) and Video Server Exists in a past traversal vulnerability.Service operation interruption (DoS) It may be put into a state. SiNVR 3 is a video management platform
VAR-202003-1613 CVE-2020-6990 plural Rockwell Automation Vulnerabilities in the use of hard-coded credentials in products CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic key utilized to help protect the account password is hard coded into the RSLogix 500 binary file. An attacker could identify cryptographic keys and use it for further cryptographic attacks that could ultimately lead to a remote attacker gaining unauthorized access to the controller. Rockwell Automation MicroLogix 1400 , MicroLogix 1100 controller, RSLogix 500 The software contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Rockwell Automation MicroLogix 1400 Controllers Series A and others are products of Rockwell Automation (USA). Rockwell Automation MicroLogix 1400 Controllers Series A is a programmable logic controller. MicroLogix 1100 Controllers is a programmable logic controller. RSLogix 500 Software is a set of programming software for industrial control systems. Vulnerabilities in trust management issues exist in many Rockwell Automation products. The vulnerability stems from the RSLogix 500 binary file with a hard-coded encryption key used to protect the account password
VAR-202003-1611 CVE-2020-6988 plural Rockwell Automation Product authentication vulnerabilities CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, A remote, unauthenticated attacker can send a request from the RSLogix 500 software to the victim’s MicroLogix controller. The controller will then respond to the client with used password values to authenticate the user on the client-side. This method of authentication may allow an attacker to bypass authentication altogether, disclose sensitive information, or leak credentials. Rockwell Automation MicroLogix 1400 , MicroLogix 1100 controller, RSLogix 500 The software contains an authentication vulnerability.Information may be obtained. MicroLogix 1100 Controllers is a programmable logic controller. RSLogix 500 Software is a set of programming software for industrial control systems
VAR-202003-1602 CVE-2020-6984 plural Rockwell Automation Vulnerabilities in the use of cryptographic algorithms in products CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic function utilized to protect the password in MicroLogix is discoverable. Rockwell Automation MicroLogix 1400 , MicroLogix 1100 controller, RSLogix 500 The software contains vulnerabilities in the use of cryptographic algorithms.Information may be obtained. Rockwell Automation MicroLogix 1400 Controllers Series A and others are products of Rockwell Automation (USA). MicroLogix 1100 Controllers is a programmable logic controller. RSLogix 500 Software is a set of programming software for industrial control systems
VAR-202003-0775 CVE-2019-19291 Siemens SiNVR 3 Plain text save file vulnerability CVSS V2: 3.5
CVSS V3: 6.5
Severity: MEDIUM
A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0), SiNVR/SiVMS Video Server (All versions < V5.0.0). The FTP services of the SiVMS/SiNVR Video Server and the Control Center Server (CCS) maintain log files that store login credentials in cleartext. In configurations where the FTP service is enabled, authenticated remote attackers could extract login credentials of other users of the service. SiNVR 3 is a video management platform. SiNVR 3 saves the login credentials in plain text in the log file. There is an information disclosure vulnerability in the implementation. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
VAR-202003-0779 CVE-2019-19295 Siemens SiNVR 3 Under-recorded vulnerability CVSS V2: 4.0
CVSS V3: 4.3
Severity: MEDIUM
A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center Server (CCS) does not enforce logging of security-relevant activities in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. An authenticated remote attacker could exploit this vulnerability to perform covert actions that are not visible in the application log. Siemens' SiNVR 3 Central Control Server and SiNVR 3 Video Server contains an insufficient logging vulnerability.Information may be tampered with. SiNVR 3 is a video management platform. SiNVR 3 has an insufficient security operation record in the XML-based communication protocol implementation. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
VAR-202003-0776 CVE-2019-19292 SiNVR 3 Central Control Server  and  Video Server  In  SQL  Injection vulnerability CVSS V2: 6.5
CVSS V3: 8.8
Severity: HIGH
A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center Server (CCS) contains an SQL injection vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. An authenticated remote attacker could exploit this vulnerability to read or modify the CCS database and potentially execute administrative database operations or operating system commands. SiNVR 3 is a video management platform. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
VAR-202003-0778 CVE-2019-19294 SiNVR 3 Central Control Server  and  Video Server  Cross-site scripting vulnerability in CVSS V2: 3.5
CVSS V3: 5.4
Severity: MEDIUM
A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The web interface of the Control Center Server (CCS) contains multiple stored Cross-site Scripting (XSS) vulnerabilities in several input fields. This could allow an authenticated remote attacker to inject malicious JavaScript code into the CCS web application that is later executed in the browser context of any other user who views the relevant CCS web content. SiNVR 3 is a video management platform. Remote attackers can use this vulnerability to inject malicious JavaScript code
VAR-202003-0777 CVE-2019-19293 Siemens SiNVR 3 Cross-Site Scripting Vulnerability CVSS V2: 4.3
CVSS V3: 6.1
Severity: MEDIUM
A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The web interface of the Control Center Server (CCS) contains a reflected Cross-site Scripting (XSS) vulnerability that could allow an unauthenticated remote attacker to steal sensitive data or execute administrative actions on behalf of a legitimate administrator of the CCS web interface. SiNVR 3 is a video management platform. SiNVR 3 has a reflective cross-site scripting vulnerability in its implementation. Remote attackers can use this vulnerability to obtain sensitive data or perform operations as an administrator
VAR-202003-0774 CVE-2019-19290 Siemens SiNVR 3 Path traversal vulnerability CVSS V2: 4.0
CVSS V3: 6.5
Severity: MEDIUM
A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The DOWNLOADS section in the web interface of the Control Center Server (CCS) contains a path traversal vulnerability that could allow an authenticated remote attacker to access and download arbitrary files from the server where CCS is installed. SiNVR 3 is a video management platform. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
VAR-202003-0008 CVE-2020-0551 plural Intel(R) Product injection vulnerabilities CVSS V2: 1.9
CVSS V3: 5.6
Severity: MEDIUM
Load value injection in some Intel(R) Processors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. The list of affected products is provided in intel-sa-00334: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00334.html. plural Intel(R) The product contains an injection vulnerability.Information may be obtained. Both Intel Core i5 processor and Intel Core i7 processor are products of Intel Corporation. Intel Core i5 processor is a Core (Core) i5 series central processing unit (CPU). Intel Core i7 processor is a Core (Core) i7 series central processing unit (CPU). There are security holes in the use of predictive execution technology in many Intel products. Local attackers can use this vulnerability to obtain information
VAR-202003-1805 CVE-2019-19705 plural  Lenovo  Vulnerability with unquoted search paths or elements in the product CVSS V2: -
CVSS V3: 7.8
Severity: HIGH
Realtek Audio Drivers for Windows, as used on the Lenovo ThinkPad X1 Carbon 20A7, 20A8, 20BS, and 20BT before 6.0.8882.1 and 20KH and 20KG before 6.0.8907.1 (and on many other Lenovo and non-Lenovo products), mishandles DLL preloading. plural Lenovo The product contains an unquoted search path or element vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Multiple Lenovo products could allow a local malicious user to execute arbitrary code on the system, caused by a DLL preloading issue in Realtek Audio Drivers. By placing a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary ode on the system
VAR-202003-1772 CVE-2019-19756 Lenovo XClarity Administrator Vulnerability regarding information leakage from log files in CVSS V2: 3.6
CVSS V3: 6.0
Severity: MEDIUM
An internal product security audit of Lenovo XClarity Administrator (LXCA) discovered Windows OS credentials, used to perform driver updates of managed systems, being written to a log file in clear text. This only affects LXCA version 2.6.0 when performing a Windows driver update. Affected logs are only accessible to authorized users in the First Failure Data Capture (FFDC) service log and log files on LXCA. Lenovo XClarity Administrator (LXCA) Exists in a vulnerability related to information leakage from log files.Information may be obtained and tampered with. Lenovo XClarity Administrator (LXCA) is a set of centralized resource management solutions of China Lenovo (Lenovo). The product provides agentless hardware management capabilities for servers, storage, network switches, and more. An attacker could exploit this vulnerability to obtain information
VAR-202003-0361 CVE-2020-0520 Intel(R) Graphics Driver Vulnerability related to authority management in CVSS V2: 4.6
CVSS V3: 7.8
Severity: HIGH
Path traversal in igdkmd64.sys for Intel(R) Graphics Drivers before versions 15.45.30.5103, 15.40.44.5107, 15.36.38.5117 and 15.33.49.5100 may allow an authenticated user to potentially enable escalation of privilege or denial of service via local access. Intel(R) Graphics Driver Exists in a privilege management vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A path traversal vulnerability exists in the igdkmd64.sys file in Intel Graphics Drivers. A local attacker could exploit this vulnerability to elevate privileges. The following products and versions are affected: Intel Graphics Drivers prior to 15.45.30.5103, prior to 15.40.44.5107, prior to 15.36.38.5117, and prior to 15.33.49.5100