VARIoT IoT vulnerabilities database
| VAR-201911-0361 | CVE-2019-3420 | ZTE ZXHN H108N Information disclosure vulnerability in products |
CVSS V2: 3.3 CVSS V3: 6.5 Severity: MEDIUM |
All versions up to V2.5.0_EG1T5_TED of ZTE ZXHN H108N product are impacted by an information leak vulnerability. An attacker could exploit the vulnerability to obtain sensitive information and perform unauthorized operations
| VAR-201911-1469 | CVE-2013-3366 | TRENDnet TEW-812DRU Vulnerable to cross-site request forgery |
CVSS V2: 9.3 CVSS V3: 8.8 Severity: HIGH |
Undocumented TELNET service in TRENDnet TEW-812DRU when a web page named backdoor contains an HTML parameter of password and a value of j78G¬DFdg_24Mhw3. TRENDnet TEW-812DRU contains a cross-site request forgery vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS).
| VAR-201911-1302 | CVE-2019-15948 | Texas Instruments CC256x and WL18xx dual-mode Bluetooth controller Classic buffer overflow vulnerability in devices |
CVSS V2: 5.8 CVSS V3: 8.8 Severity: HIGH |
Texas Instruments CC256x and WL18xx dual-mode Bluetooth controller devices, when LE scan mode is used, allow remote attackers to trigger a buffer overflow via a malformed Bluetooth Low Energy advertising packet, to cause a denial of service or potentially execute arbitrary code. This affects CC256xC-BT-SP 1.2, CC256xB-BT-SP 1.8, and WL18xx-BT-SP 4.4
| VAR-201911-1619 | CVE-2018-12207 | Intel(R) Processor Input validation vulnerability |
CVSS V2: 4.9 CVSS V3: 6.5 Severity: MEDIUM |
Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access. Intel(R) Processor contains an input validation vulnerability. Service operation may be interrupted (DoS). Both Microsoft Windows and Microsoft Windows Server are products of Microsoft Corporation. Microsoft Windows is an operating system for personal devices. Microsoft Windows Server is a server operating system. A denial of service vulnerability exists in Microsoft Windows and Windows Server due to the program's improper handling of objects in memory. An attacker could exploit this vulnerability by logging on to an affected system and running a specially crafted application to cause the targeted system to become unresponsive. The following products and versions are affected: Microsoft Windows 10, Windows 10 Version 1607, Windows 10 Version 1709, Windows 10 Version 1803, Windows 10 Version 1809, Windows 10 Version 1903, Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Server 2019, Windows Server version 1803, Windows Server version 1903.
(CVE-2019-15792)
Jann Horn discovered that the shiftfs implementation in the Linux kernel
did not use the correct file system uid/gid when the user namespace of a
lower file system is not in the init user namespace.
8.0) - aarch64, noarch, ppc64le, s390x, x86_64
3.
Bug Fix(es):
* Backport TCP follow-up for small buffers (BZ#1739184)
* TCP performance regression after CVE-2019-11478 bug fix (BZ#1743170)
* RHEL8.0 - bnx2x link down, caused by transmit timeouts during load test
(Marvell/Cavium/QLogic) (L3:) (BZ#1743548)
* block: blk-mq improvement (BZ#1780567)
* RHEL8.0 - Regression to RHEL7.6 by changing force_latency found during
RHEL8.0 validation for SAP HANA on POWER (BZ#1781111)
* blk-mq: overwirte performance drops on real MQ device (BZ#1782183)
* RHEL8: creating vport takes lot of memory i.e 2GB per vport which leads
to drain out system memory quickly. (BZ#1782705)
4.
7) - noarch, x86_64
3. Description:
The kernel-rt packages provide the Real Time Linux Kernel, which enables
fine-tuning for systems with extremely high determinism requirements. These packages include redhat-release-virtualization-host,
ovirt-node, and rhev-hypervisor. RHVH features a Cockpit user
interface for monitoring the host's resources and performing administrative
tasks.
==========================================================================
Ubuntu Security Notice USN-4186-3
November 13, 2019
linux vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux: Linux kernel
Details:
USN-4186-1 fixed vulnerabilities in the Linux kernel. It was discovered
that the kernel fix for CVE-2019-0155 (i915 missing Blitter Command
Streamer check) was incomplete on 64-bit Intel x86 systems. This
update addresses the issue.
We apologize for the inconvenience.
Original advisory details:
Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo,
Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz
Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel
processors using Transactional Synchronization Extensions (TSX) could
expose memory contents previously stored in microarchitectural buffers to a
malicious process that is executing on the same CPU core. A local attacker
could use this to expose sensitive information. (CVE-2019-11135)
It was discovered that the Intel i915 graphics chipsets allowed userspace
to modify page table entries via writes to MMIO from the Blitter Command
Streamer and expose kernel memory information. A local attacker could use
this to expose sensitive information or possibly elevate privileges. A local attacker in a guest VM could use this to
cause a denial of service (host system crash). (CVE-2018-12207)
It was discovered that the Intel i915 graphics chipsets could cause a
system hang when userspace performed a read from GT memory mapped input
output (MMIO) when the product is in certain low power states. A local
attacker could use this to cause a denial of service. (CVE-2019-0154)
Hui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver for the
Linux kernel did not properly validate endpoint descriptors returned by the
device. A physically proximate attacker could use this to cause a denial of
service (system crash). (CVE-2019-15098)
It was discovered that a buffer overflow existed in the 802.11 Wi-Fi
configuration interface for the Linux kernel when handling beacon settings.
A local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2019-16746)
Ori Nimron discovered that the AX25 network protocol implementation in the
Linux kernel did not properly perform permissions checks. A local attacker
could use this to create a raw socket. (CVE-2019-17052)
Ori Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network
protocol implementation in the Linux kernel did not properly perform
permissions checks. A local attacker could use this to create a raw socket.
(CVE-2019-17053)
Ori Nimron discovered that the Appletalk network protocol implementation in
the Linux kernel did not properly perform permissions checks. A local
attacker could use this to create a raw socket. (CVE-2019-17054)
Ori Nimron discovered that the modular ISDN network protocol implementation
in the Linux kernel did not properly perform permissions checks. A local
attacker could use this to create a raw socket. (CVE-2019-17055)
Ori Nimron discovered that the Near field Communication (NFC) network
protocol implementation in the Linux kernel did not properly perform
permissions checks. A local attacker could use this to create a raw socket.
(CVE-2019-17056)
Nico Waisman discovered that a buffer overflow existed in the Realtek Wi-Fi
driver for the Linux kernel when handling Notice of Absence frames. A
physically proximate attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2019-17666)
Maddie Stone discovered that the Binder IPC Driver implementation in the
Linux kernel contained a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2019-2215)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS:
linux-image-4.4.0-169-generic 4.4.0-169.198
linux-image-4.4.0-169-generic-lpae 4.4.0-169.198
linux-image-4.4.0-169-lowlatency 4.4.0-169.198
linux-image-generic 4.4.0.169.177
linux-image-generic-lpae 4.4.0.169.177
linux-image-lowlatency 4.4.0.169.177
linux-image-virtual 4.4.0.169.177
Please note that mitigating the TSX (CVE-2019-11135) and i915
(CVE-2019-0154) issues requires corresponding microcode and graphics
firmware updates respectively.
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://usn.ubuntu.com/4186-3
https://usn.ubuntu.com/4186-1
CVE-2019-0155, https://bugs.launchpad.net/bugs/1852141
Package Information:
https://launchpad.net/ubuntu/+source/linux/4.4.0-169.198
Also, the
update introduced a regression that broke KVM guests where extended
page tables (EPT) are disabled or not supported.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security update
Advisory ID: RHSA-2019:3837-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2019:3837
Issue date: 2019-11-12
CVE Names: CVE-2018-12207 CVE-2019-0154 CVE-2019-11135
=====================================================================
1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 7.6
Extended Update Support.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux ComputeNode EUS (v. 7.6) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6) - x86_64
Red Hat Enterprise Linux Server EUS (v. 7.6) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 7.6) - ppc64, ppc64le, x86_64
3.
Security Fix(es):
* hw: Machine Check Error on Page Size Change (IFU) (CVE-2018-12207)
* hw: TSX Transaction Asynchronous Abort (TAA) (CVE-2019-11135)
* hw: Intel GPU Denial Of Service while accessing MMIO in lower power state
(CVE-2019-0154)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4.
5. Bugs fixed (https://bugzilla.redhat.com/):
1646768 - CVE-2018-12207 hw: Machine Check Error on Page Size Change (IPU)
1724393 - CVE-2019-0154 hw: Intel GPU Denial Of Service while accessing MMIO in lower power state
1753062 - CVE-2019-11135 hw: TSX Transaction Asynchronous Abort (TAA)
6. Package List:
Red Hat Enterprise Linux ComputeNode EUS (v. 7.6):
Source:
kernel-3.10.0-957.38.2.el7.src.rpm
noarch:
kernel-abi-whitelists-3.10.0-957.38.2.el7.noarch.rpm
kernel-doc-3.10.0-957.38.2.el7.noarch.rpm
x86_64:
bpftool-3.10.0-957.38.2.el7.x86_64.rpm
kernel-3.10.0-957.38.2.el7.x86_64.rpm
kernel-debug-3.10.0-957.38.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-957.38.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-957.38.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-957.38.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-957.38.2.el7.x86_64.rpm
kernel-devel-3.10.0-957.38.2.el7.x86_64.rpm
kernel-headers-3.10.0-957.38.2.el7.x86_64.rpm
kernel-tools-3.10.0-957.38.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-957.38.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-957.38.2.el7.x86_64.rpm
perf-3.10.0-957.38.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-957.38.2.el7.x86_64.rpm
python-perf-3.10.0-957.38.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-957.38.2.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6):
x86_64:
kernel-debug-debuginfo-3.10.0-957.38.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-957.38.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-957.38.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-957.38.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-957.38.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-957.38.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-957.38.2.el7.x86_64.rpm
Red Hat Enterprise Linux Server EUS (v. 7.6):
Source:
kernel-3.10.0-957.38.2.el7.src.rpm
noarch:
kernel-abi-whitelists-3.10.0-957.38.2.el7.noarch.rpm
kernel-doc-3.10.0-957.38.2.el7.noarch.rpm
ppc64:
kernel-3.10.0-957.38.2.el7.ppc64.rpm
kernel-bootwrapper-3.10.0-957.38.2.el7.ppc64.rpm
kernel-debug-3.10.0-957.38.2.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-957.38.2.el7.ppc64.rpm
kernel-debug-devel-3.10.0-957.38.2.el7.ppc64.rpm
kernel-debuginfo-3.10.0-957.38.2.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-957.38.2.el7.ppc64.rpm
kernel-devel-3.10.0-957.38.2.el7.ppc64.rpm
kernel-headers-3.10.0-957.38.2.el7.ppc64.rpm
kernel-tools-3.10.0-957.38.2.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-957.38.2.el7.ppc64.rpm
kernel-tools-libs-3.10.0-957.38.2.el7.ppc64.rpm
perf-3.10.0-957.38.2.el7.ppc64.rpm
perf-debuginfo-3.10.0-957.38.2.el7.ppc64.rpm
python-perf-3.10.0-957.38.2.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-957.38.2.el7.ppc64.rpm
ppc64le:
kernel-3.10.0-957.38.2.el7.ppc64le.rpm
kernel-bootwrapper-3.10.0-957.38.2.el7.ppc64le.rpm
kernel-debug-3.10.0-957.38.2.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-957.38.2.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-957.38.2.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-957.38.2.el7.ppc64le.rpm
kernel-devel-3.10.0-957.38.2.el7.ppc64le.rpm
kernel-headers-3.10.0-957.38.2.el7.ppc64le.rpm
kernel-tools-3.10.0-957.38.2.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-957.38.2.el7.ppc64le.rpm
kernel-tools-libs-3.10.0-957.38.2.el7.ppc64le.rpm
perf-3.10.0-957.38.2.el7.ppc64le.rpm
perf-debuginfo-3.10.0-957.38.2.el7.ppc64le.rpm
python-perf-3.10.0-957.38.2.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-957.38.2.el7.ppc64le.rpm
s390x:
kernel-3.10.0-957.38.2.el7.s390x.rpm
kernel-debug-3.10.0-957.38.2.el7.s390x.rpm
kernel-debug-debuginfo-3.10.0-957.38.2.el7.s390x.rpm
kernel-debug-devel-3.10.0-957.38.2.el7.s390x.rpm
kernel-debuginfo-3.10.0-957.38.2.el7.s390x.rpm
kernel-debuginfo-common-s390x-3.10.0-957.38.2.el7.s390x.rpm
kernel-devel-3.10.0-957.38.2.el7.s390x.rpm
kernel-headers-3.10.0-957.38.2.el7.s390x.rpm
kernel-kdump-3.10.0-957.38.2.el7.s390x.rpm
kernel-kdump-debuginfo-3.10.0-957.38.2.el7.s390x.rpm
kernel-kdump-devel-3.10.0-957.38.2.el7.s390x.rpm
perf-3.10.0-957.38.2.el7.s390x.rpm
perf-debuginfo-3.10.0-957.38.2.el7.s390x.rpm
python-perf-3.10.0-957.38.2.el7.s390x.rpm
python-perf-debuginfo-3.10.0-957.38.2.el7.s390x.rpm
x86_64:
bpftool-3.10.0-957.38.2.el7.x86_64.rpm
kernel-3.10.0-957.38.2.el7.x86_64.rpm
kernel-debug-3.10.0-957.38.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-957.38.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-957.38.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-957.38.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-957.38.2.el7.x86_64.rpm
kernel-devel-3.10.0-957.38.2.el7.x86_64.rpm
kernel-headers-3.10.0-957.38.2.el7.x86_64.rpm
kernel-tools-3.10.0-957.38.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-957.38.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-957.38.2.el7.x86_64.rpm
perf-3.10.0-957.38.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-957.38.2.el7.x86_64.rpm
python-perf-3.10.0-957.38.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-957.38.2.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional EUS (v. 7.6):
ppc64:
kernel-debug-debuginfo-3.10.0-957.38.2.el7.ppc64.rpm
kernel-debuginfo-3.10.0-957.38.2.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-957.38.2.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-957.38.2.el7.ppc64.rpm
kernel-tools-libs-devel-3.10.0-957.38.2.el7.ppc64.rpm
perf-debuginfo-3.10.0-957.38.2.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-957.38.2.el7.ppc64.rpm
ppc64le:
kernel-debug-debuginfo-3.10.0-957.38.2.el7.ppc64le.rpm
kernel-debug-devel-3.10.0-957.38.2.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-957.38.2.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-957.38.2.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-957.38.2.el7.ppc64le.rpm
kernel-tools-libs-devel-3.10.0-957.38.2.el7.ppc64le.rpm
perf-debuginfo-3.10.0-957.38.2.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-957.38.2.el7.ppc64le.rpm
x86_64:
kernel-debug-debuginfo-3.10.0-957.38.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-957.38.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-957.38.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-957.38.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-957.38.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-957.38.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-957.38.2.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc.
| VAR-202009-0516 | CVE-2019-15992 | Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Buffer error vulnerabilities in software |
CVSS V2: 9.0 CVSS V3: 7.2 Severity: HIGH |
A vulnerability in the implementation of the Lua interpreter integrated in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying Linux operating system of an affected device. The vulnerability is due to insufficient restrictions on the allowed Lua function calls within the context of user-supplied Lua scripts. A successful exploit could allow the attacker to trigger a heap overflow condition and execute arbitrary code with root privileges on the underlying Linux operating system of an affected device. Cisco Adaptive Security Appliances Software is a firewall and network security platform. The platform provides features such as highly secure access to data and network resources. A buffer error vulnerability exists in the implementation of the Lua interpreter in Cisco ASA Software and Cisco FTD
| VAR-201912-1716 | CVE-2019-0131 | Intel(R) AMT Input validation vulnerability |
CVSS V2: 4.8 CVSS V3: 8.1 Severity: HIGH |
Insufficient input validation in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access. Intel(R) AMT contains an input validation vulnerability. Information may be obtained and service operation may be interrupted (DoS). Intel Active Management Technology (AMT) is a set of hardware-based computer remote active management technology software developed by Intel Corporation. An input validation error vulnerability exists in Intel Active Management Technology due to insufficient input validation. An attacker could exploit this vulnerability to cause a denial of service or obtain sensitive information. The following products and versions are affected: Intel Active Management Technology versions prior to 11.8.70, versions prior to 11.11.70, versions prior to 11.22.70, and versions prior to 12.0.45
| VAR-201912-1712 | CVE-2019-0165 | Intel(R) AMT Input validation vulnerability |
CVSS V2: 2.1 CVSS V3: 4.4 Severity: MEDIUM |
Insufficient input validation in the subsystem for Intel(R) CSME before versions 12.0.45, 13.0.10 and 14.0.10 may allow a privileged user to potentially enable denial of service via local access. Intel(R) AMT contains an input validation vulnerability. Service operation may be interrupted (DoS). Intel Converged Security and Management Engine (CSME) is a security management engine of Intel Corporation. A security vulnerability exists in Intel CSME prior to 12.0.45, prior to 13.0.10, and prior to 14.0.10 due to insufficient input validation. A local attacker could exploit this vulnerability to cause a denial of service
| VAR-201912-1713 | CVE-2019-0166 | Intel(R) AMT Input validation vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
Insufficient input validation in the subsystem for Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable information disclosure via network access. Intel(R) AMT contains an input validation vulnerability. Information may be obtained. Intel Active Management Technology (AMT) is a set of hardware-based computer remote active management technology software developed by Intel Corporation. An input validation error vulnerability exists in Intel Active Management Technology due to insufficient input validation. A local attacker could exploit this vulnerability to obtain sensitive information. The following products and versions are affected: Intel Active Management Technology versions prior to 11.8.70, versions prior to 11.11.70, versions prior to 11.22.70, and versions prior to 12.0.45
| VAR-201912-1714 | CVE-2019-0168 | Intel(R) CSME and TXE Input validation vulnerability |
CVSS V2: 2.1 CVSS V3: 4.4 Severity: MEDIUM |
Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45 and 13.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access. Intel(R) CSME and TXE contain an input validation vulnerability. Information may be obtained. Both Intel Converged Security and Management Engine (CSME) and Intel TXE are products of Intel Corporation of the United States. Intel Converged Security and Management Engine is a security management engine. Intel TXE is a trusted execution engine with hardware authentication function used in CPU (Central Processing Unit). A security vulnerability exists in the subsystems in Intel CSME and TXE. A local attacker could exploit this vulnerability to disclose information. The following products and versions are affected: Intel CSME before 11.8.70, before 12.0.45, before 13.0.10; Intel TXE before 3.1.70, before 4.0.20
| VAR-201912-1715 | CVE-2019-0169 | Intel(R) CSME and TXE Vulnerable to out-of-bounds writing |
CVSS V2: 5.8 CVSS V3: 8.8 Severity: HIGH |
Heap overflow in subsystem in Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an unauthenticated user to potentially enable escalation of privileges, information disclosure or denial of service via adjacent access. Intel(R) CSME and TXE contain an out-of-bounds vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Both Intel Converged Security and Management Engine (CSME) and Intel TXE are products of Intel Corporation of the United States. Intel Converged Security and Management Engine is a security management engine. Intel TXE is a trusted execution engine with hardware authentication function used in CPU (Central Processing Unit). Buffer error vulnerabilities exist in subsystems in Intel CSME and Intel TXE. Attackers can exploit this vulnerability to elevate privileges, leak information or cause denial of service. The following products and versions are affected: Intel CSME before 11.8.70, before 11.11.70, before 11.22.70, before 12.0.45; Intel TXE before 3.1.70, before 4.0.20
| VAR-201912-1761 | CVE-2019-11087 | Intel(R) CSME and TXE Input validation vulnerability |
CVSS V2: 4.6 CVSS V3: 6.7 Severity: MEDIUM |
Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege, information disclosure or denial of service via local access. Intel(R) CSME and TXE contain an input validation vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Both Intel Converged Security and Management Engine (CSME) and Intel TXE are products of Intel Corporation of the United States. Intel Converged Security and Management Engine is a security management engine. Intel TXE is a trusted execution engine with hardware authentication function used in CPU (Central Processing Unit). A security vulnerability exists in a subsystem in Intel CSME and Intel TXE due to insufficient input validation. A local attacker could exploit this vulnerability to elevate privileges, disclose information or cause a denial of service. The following products and versions are affected: Intel CSME before 11.8.70, before 11.11.70, before 11.22.70, before 12.0.45, before 13.0.10, before 14.0.10; Intel TXE before 3.1.70, before 4.0.20
| VAR-201912-1762 | CVE-2019-11088 | Intel(R) AMT Input validation vulnerability |
CVSS V2: 5.8 CVSS V3: 8.8 Severity: HIGH |
Insufficient input validation in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. Intel(R) AMT contains an input validation vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS).
| VAR-201912-1815 | CVE-2019-11100 | Intel(R) AMT Input validation vulnerability |
CVSS V2: 2.1 CVSS V3: 4.6 Severity: MEDIUM |
Insufficient input validation in the subsystem for Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable information disclosure via physical access. Intel(R) AMT contains an input validation vulnerability. Information may be obtained. Intel Active Management Technology (AMT) is a set of hardware-based computer remote active management technology software developed by Intel Corporation. An attacker in physical proximity could exploit this vulnerability to disclose information. The following products and versions are affected: Intel AMT versions prior to 11.8.70, versions prior to 11.11.70, versions prior to 11.22.70, and versions prior to 12.0.45
| VAR-201912-1816 | CVE-2019-11101 | Intel(R) CSME and Intel(R) TXE Input validation vulnerability |
CVSS V2: 2.1 CVSS V3: 4.4 Severity: MEDIUM |
Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access. Intel(R) CSME and Intel(R) TXE contain an input validation vulnerability. Information may be obtained. Both Intel Converged Security and Management Engine (CSME) and Intel TXE are products of Intel Corporation of the United States. Intel Converged Security and Management Engine is a security management engine. Intel TXE is a trusted execution engine with hardware authentication function used in CPU (Central Processing Unit). A security vulnerability exists in subsystems in Intel CSME and Intel TXE due to insufficient input validation. A local attacker could exploit this vulnerability to disclose information. The following products and versions are affected: Intel CSME before 11.8.70, before 11.11.70, before 11.22.70, before 12.0.45, before 13.0.10, before 14.0.10; Intel TXE before 3.1.70, before 4.0.20
| VAR-201912-1818 | CVE-2019-11103 | Intel(R) CSME Input validation vulnerability |
CVSS V2: 4.6 CVSS V3: 7.8 Severity: HIGH |
Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45, 13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access. Intel(R) CSME contains an input validation vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Intel Converged Security and Management Engine (CSME) is a security management engine of Intel Corporation. A local attacker could exploit this vulnerability to elevate privileges
| VAR-201912-1820 | CVE-2019-11105 | Intel(R) CSME Vulnerability in Permission Management |
CVSS V2: 4.6 CVSS V3: 6.7 Severity: MEDIUM |
Logic issue in subsystem for Intel(R) CSME before versions 12.0.45, 13.0.10 and 14.0.10 may allow a privileged user to potentially enable escalation of privilege and information disclosure via local access. Intel(R) CSME contains a privilege management vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Intel Converged Security and Management Engine (CSME) is a security management engine of Intel Corporation. Security vulnerabilities exist in subsystems in Intel CSME versions prior to 12.0.45, versions prior to 13.0.10, and versions prior to 14.0.10. A local attacker could exploit this vulnerability to elevate privileges and leak information
| VAR-201912-1822 | CVE-2019-11107 | Intel(R) AMT Input validation vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Insufficient input validation in the subsystem for Intel(R) AMT before version 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via network access. Intel(R) AMT contains an input validation vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Intel Active Management Technology (AMT) is a set of hardware-based computer remote active management technology software developed by Intel Corporation. An attacker could exploit this vulnerability to elevate privileges
| VAR-201912-1823 | CVE-2019-11131 | Intel(R) AMT Vulnerability in Permission Management |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Logic issue in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via network access. Intel(R) AMT contains a privilege management vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Intel Active Management Technology (AMT) is a set of hardware-based computer remote active management technology software developed by Intel Corporation. A subsystem in Intel AMT has a security vulnerability. An attacker could exploit this vulnerability to elevate privileges. The following products and versions are affected: Intel AMT versions prior to 11.8.70, versions prior to 11.11.70, versions prior to 11.22.70, and versions prior to 12.0.45
| VAR-201911-1781 | No CVE | Authentication Bypass Vulnerability in SIEMENS SIMATIC S7-200 Smart PLC |
CVSS V2: 6.6 CVSS V3: - Severity: MEDIUM |
Siemens is a leading global technology company. With innovations in the areas of electrification, automation and digitalization, Siemens provides solutions for customers in the fields of power generation and transmission and distribution, infrastructure, industrial automation, drives and software.
SIEMENS SIMATIC S7-200 Smart PLC has an authentication bypass vulnerability. An attacker can bypass the identity authentication by falsifying data to arbitrarily alter the value of the PLC register
| VAR-201911-1782 | No CVE | Denial of Service Vulnerability in Siemens STEP 7-MicroWIN SMART |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
Siemens is a leading global technology company. With innovations in the areas of electrification, automation and digitalization, Siemens provides solutions for customers in the fields of power generation and transmission and distribution, infrastructure, industrial automation, drives and software.
Siemens STEP 7-MicroWIN SMART has a denial of service vulnerability that could be exploited by an attacker to cause the server to deny service