VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-202002-0190 CVE-2020-0562 Intel(R) RWC2 Vulnerability regarding improper default permissions in CVSS V2: 4.6
CVSS V3: 7.8
Severity: HIGH
Improper permissions in the installer for Intel(R) RWC2, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access. Intel(R) RWC2 There is a vulnerability in improper default permissions.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. A security vulnerability exists in the installer in Intel(R) RWC2. A local attacker could exploit this vulnerability to elevate privileges
VAR-202002-0352 CVE-2019-3998 SimpliSafe SS3 Authentication vulnerability in firmware CVSS V2: 1.9
CVSS V3: 5.5
Severity: MEDIUM
Authentication bypass using an alternate path or channel in SimpliSafe SS3 firmware 1.4 allows a local, unauthenticated attacker to modify the Wi-Fi network the base station connects to. SimpliSafe SS3 There is an authentication vulnerability in the firmware.Information may be tampered with
VAR-202003-1765 CVE-2019-19277 SIPORT MP Input verification vulnerability in CVSS V2: 5.5
CVSS V3: 6.5
Severity: MEDIUM
A vulnerability has been identified in SIPORT MP (All versions < 3.1.4). Vulnerable versions of the device allow the creation of special accounts ("service users") with administrative privileges that could enable a remote authenticated attacker to perform actions that are not visible to other users of the system, such as granting persons access to a secured area. SIPORT is a comprehensive, modular and reliable system for access control and time management in the SSP Siveillance Access Suite. Siemens SIPORT MP has a security vulnerability that could allow an attacker to create a special account with administrative privileges
VAR-202002-0333 CVE-2019-20045 Synergy Systems & Solutions HUSKY RTU 6049-E70 Input validation error vulnerability CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
The Synergy Systems & Solutions PLC & RTU system has a vulnerability in HUSKY RTU 6049-E70 firmware versions 5.0 and prior. Specially crafted malicious packets could cause disconnection of active authentic connections or reboot of device. This is a different issue than CVE-2019-16879 and CVE-2019-20046. This vulnerability is CVE-2019-16879 , CVE-2019-20046 Is a different vulnerability.Service operation interruption (DoS) It may be put into a state
VAR-202002-1417 CVE-2020-6181 SAP NetWeaver and ABAP Platform Vulnerability in CVSS V2: 5.0
CVSS V3: 5.8
Severity: MEDIUM
Under some circumstances the SAML SSO implementation in the SAP NetWeaver (SAP_BASIS versions 702, 730, 731, 740 and SAP ABAP Platform (SAP_BASIS versions 750, 751, 752, 753, 754), allows an attacker to include invalidated data in the HTTP response header sent to a Web user, leading to HTTP Response Splitting vulnerability. SAP NetWeaver and ABAP Platform There is an unspecified vulnerability in.Information may be tampered with
VAR-202002-1432 CVE-2020-6185 SAP NetWeaver and SAP S/4HANA Cross-site scripting vulnerability in CVSS V2: 3.5
CVSS V3: 5.4
Severity: MEDIUM
Under certain conditions ABAP Online Community in SAP NetWeaver (SAP_BASIS version 7.40) and SAP S/4HANA (SAP_BASIS versions 7.50, 7.51, 7.52, 7.53, 7.54), allows an authenticated attacker to store a malicious payload which results in Stored Cross Site Scripting vulnerability. SAP NetWeaver and SAP S/4HANA Exists in a cross-site scripting vulnerability.Information may be obtained and tampered with
VAR-202002-0061 CVE-2012-0951 NVIDIA Out-of-bounds write vulnerability in graphics driver CVSS V2: 4.6
CVSS V3: 7.8
Severity: HIGH
A Memory Corruption Vulnerability exists in NVIDIA Graphics Drivers 29549 due to an unknown function in the file proc/driver/nvidia/registry. NVIDIA The graphics driver contains a vulnerability related to out-of-bounds writing.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state
VAR-202002-1419 CVE-2020-6184 SAP NetWeaver and SAP S/4HANA Cross-site scripting vulnerability in CVSS V2: 4.3
CVSS V3: 6.1
Severity: MEDIUM
Under certain conditions, ABAP Online Community in SAP NetWeaver (SAP_BASIS version 7.40) and SAP S/4HANA (SAP_BASIS versions 7.50, 7.51, 7.52, 7.53, 7.54), does not sufficiently encode user-controlled inputs, resulting in Reflected Cross-Site Scripting (XSS) vulnerability. SAP NetWeaver and SAP S/4HANA Exists in a cross-site scripting vulnerability.Information may be obtained and tampered with
VAR-202002-0612 CVE-2020-1830 plural Huawei Out-of-bounds read vulnerabilities in the product CVSS V2: 5.0
CVSS V3: 5.3
Severity: MEDIUM
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a vulnerability that a memory management error exists when IPSec Module handing a specific message. This causes 1 byte out-of-bound read, compromising normal service. plural Huawei The product contains an out-of-bounds read vulnerability.Service operation interruption (DoS) It may be put into a state. Huawei USG9500 is a Huawei firewall device. A remote attacker can use this vulnerability to submit a special request that can cause the application to crash or restart
VAR-202006-0974 CVE-2020-1813 HUAWEI P30 Authentication vulnerabilities in smartphones CVSS V2: 4.6
CVSS V3: 6.8
Severity: MEDIUM
HUAWEI P30 smart phone with versions earlier than 10.1.0.135(C00E135R2P11) have an improper authentication vulnerability. Due to improper authentication of specific interface, in specific scenario attackers could access specific interface without authentication. Successful exploit could allow the attacker to perform unauthorized operations. HUAWEI P30 Smartphones contain authentication vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state
VAR-202002-0085 CVE-2011-4661 Cisco IOS Vulnerability regarding lack of resource release after valid lifetime in CVSS V2: 4.3
CVSS V3: 7.5
Severity: HIGH
A memory leak vulnerability exists in Cisco IOS before 15.2(1)T due to a memory leak in the HTTP PROXY Server process (aka CSCtu52820), when configured with Cisco ISR Web Security with Cisco ScanSafe and User Authenticaiton NTLM configured. Cisco IOS Is vulnerable to a lack of resource release after a valid lifetime.Service operation interruption (DoS) It may be put into a state. Cisco IOS is an operating system developed by Cisco for its network equipment. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements
VAR-202002-0609 CVE-2020-1827 plural Huawei Improper resource shutdown and release vulnerabilities in the product CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have an information leakage vulnerability. An attacker can exploit this vulnerability by sending specific request packets to affected devices. Successful exploit may lead to information leakage. Huawei NIP6800 , Secospace USG6600 , USG9500 Contains vulnerabilities related to improper shutdown and release of resources.Service operation interruption (DoS) It may be put into a state
VAR-202002-0611 CVE-2020-1829 plural Huawei Double release vulnerability in product CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
Huawei NIP6800 versions V500R001C30 and V500R001C60SPC500; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, and V500R001C60SPC500 have a vulnerability that the IPSec module handles a message improperly. Attackers can send specific message to cause double free memory. This may compromise normal service. Huawei NIP6800 , Secospace USG6600 , USG9500 There is a double release vulnerability in.Service operation interruption (DoS) It may be put into a state
VAR-202002-0610 CVE-2020-1828 plural Huawei Product input verification vulnerabilities CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have an input validation vulnerability where the IPSec module does not validate a field in a specific message. Attackers can send specific message to cause out-of-bound read, compromising normal service. Huawei NIP6800 , Secospace USG6600 , USG9500 There is an input verification vulnerability in.Service operation interruption (DoS) It may be put into a state
VAR-202002-0579 CVE-2020-1814 plural Huawei In the product NULL Pointer dereference vulnerability CVSS V2: 3.5
CVSS V3: 5.3
Severity: MEDIUM
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Dangling pointer dereference vulnerability. An authenticated attacker may do some special operations in the affected products in some special scenarios to exploit the vulnerability. Due to improper race conditions of different operations, successful exploit will lead to Dangling pointer dereference, causing some service abnormal. plural Huawei In the product NULL Pointer dereference vulnerabilityService operation interruption (DoS) It may be put into a state
VAR-202002-0066 CVE-2011-2343 Android Vulnerability regarding information leakage in CVSS V2: 2.1
CVSS V3: 2.4
Severity: LOW
The Bluetooth stack in Android before 2.3.6 allows a physically proximate attacker to obtain contact information via an AT phonebook transfer. Android There is an information leakage vulnerability in.Information may be obtained
VAR-202002-0491 CVE-2019-19196 Telink Semiconductor BLE SDK of plural TLSR Classic buffer overflow vulnerability in the product CVSS V2: 3.3
CVSS V3: 6.5
Severity: MEDIUM
The Bluetooth Low Energy Secure Manager Protocol (SMP) implementation on Telink Semiconductor BLE SDK versions before November 2019 for TLSR8x5x through 3.4.0, TLSR823x through 1.3.0, and TLSR826x through 3.3 devices accepts a pairing request with a key size greater than 16 bytes, allowing an attacker in radio range to cause a buffer overflow and denial of service (crash) via crafted packets. Telink Semiconductor BLE SDK of TLSR8x5x , TLSR823x , TLSR826x Exists in a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be put into a state
VAR-202002-0487 CVE-2019-19192 STMicroelectronics BLE Stack Input verification vulnerability in CVSS V2: 3.3
CVSS V3: 6.5
Severity: MEDIUM
The Bluetooth Low Energy implementation on STMicroelectronics BLE Stack through 1.3.1 for STM32WB5x devices does not properly handle consecutive Attribute Protocol (ATT) requests on reception, allowing attackers in radio range to cause an event deadlock or crash via crafted packets. STMicroelectronics BLE Stack There is an input verification vulnerability in.Service operation interruption (DoS) It may be put into a state
VAR-202002-0418 CVE-2019-16336 Cypress PSoC 4 BLE Input validation vulnerabilities in components CVSS V2: 3.3
CVSS V3: 6.5
Severity: MEDIUM
The Bluetooth Low Energy implementation in Cypress PSoC 4 BLE component 3.61 and earlier processes data channel frames with a payload length larger than the configured link layer maximum RX payload size, which allows attackers (in radio range) to cause a denial of service (crash) via a crafted BLE Link Layer frame. Cypress PSoC 4 BLE The component contains an input validation vulnerability.Service operation interruption (DoS) It may be put into a state
VAR-202002-0394 CVE-2019-17519 KW41Z For devices NXP SDK Classic buffer overflow vulnerability in CVSS V2: 5.8
CVSS V3: 8.8
Severity: HIGH
The Bluetooth Low Energy implementation on NXP SDK through 2.2.1 for KW41Z devices does not properly restrict the Link Layer payload length, allowing attackers in radio range to cause a buffer overflow via a crafted packet. KW41Z For devices NXP SDK Exists in a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state