VARIoT IoT vulnerabilities database


VAR-201908-1587 CVE-2018-18056 Texas Instruments TM4C microcontroller series Vulnerable to information disclosure
CVSS V2: 2.1
CVSS V3: 4.6
Severity: MEDIUM
An issue was discovered in the Texas Instruments (TI) TM4C, MSP432E and MSP432P microcontroller series. The eXecute-Only-Memory (XOM) implementation prevents code read-outs on protected memory by generating bus faults. However, single-stepping and using breakpoints is allowed in XOM-protected flash memory. As a consequence, it is possible to execute single instructions with arbitrary system states (e.g., registers, status flags, and SRAM content) and observe the state changes produced by the unknown instruction. An attacker could exploit this vulnerability by executing protected and unknown instructions with specific system states and observing the state changes. Based on the gathered information, it is possible to reverse-engineer the executed instructions. The processor acts as a kind of "instruction oracle." This vulnerability stems from configuration errors in network systems or products during operation. An unauthorized attacker could exploit the vulnerability to obtain sensitive information of the affected components.
VAR-201908-0041 CVE-2019-6177 Lenovo Solution Center Vulnerable to information disclosure
CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
A vulnerability reported in Lenovo Solution Center version 03.12.003, which is no longer supported, could allow log files to be written to non-standard locations, potentially leading to privilege escalation. Lenovo ended support for Lenovo Solution Center and recommended that customers migrate to Lenovo Vantage or Lenovo Diagnostics in April 2018. Lenovo Solution Center contains an information disclosure vulnerability. Information may be obtained or altered, and a denial-of-service (DoS) condition may result. Lenovo Solution Center is a set of computer system monitoring software developed by Lenovo (China). The software is capable of identifying system health, the status of network connectivity and overall system security, and more. An attacker could exploit this vulnerability to elevate privileges.
VAR-201908-0016 CVE-2019-4294 IBM DataPower Gateway and IBM MQ Appliance Command injection vulnerability
CVSS V2: 7.2
CVSS V3: 7.8
Severity: HIGH
IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.6, 7.6.0.0 through 7.6.0.15 and IBM MQ Appliance 8.0.0.0 through 8.0.0.12, 9.1.0.0 through 9.1.0.2, and 9.1.1 through 9.1.2 could allow a local attacker to execute arbitrary commands on the system, caused by a command injection vulnerability. IBM X-Force ID: 16188. The vendor has confirmed this vulnerability and published it as IBM X-Force ID: 16188. Information may be obtained or altered, and a denial-of-service (DoS) condition may result. IBM DataPower Gateway is a security and integration platform specially designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads. The platform secures, integrates and optimizes access across channels with a dedicated gateway platform. The following products and versions are affected: IBM DataPower Gateway 2018.4.1.0 to 2018.4.1.6, DataPower Gateway 7.6.0.0 to 7.6.0.15, DataPower Gateway CD
VAR-201908-0086 CVE-2019-5040 Openweave-core and Google Nest Cam IQ Indoor Input Validation Error Vulnerability
CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
An exploitable information disclosure vulnerability exists in the Weave MessageLayer parsing of Openweave-core version 4.0.2 and Nest Cam IQ Indoor version 4620002. A specially crafted Weave packet can cause an integer overflow to occur, resulting in PacketBuffer data reuse. An attacker can send a packet to trigger this vulnerability. Openweave-core and Nest Cam IQ Indoor contain an integer overflow vulnerability. Information may be obtained. Openweave-core is a home LAN application protocol stack. It is mainly used for asynchronous, symmetrical, device-to-device and device-to-cloud communication for control-path and data-path message passing.
VAR-201908-0080 CVE-2019-5034 Nest Cam IQ Indoor Vulnerable to out-of-bounds reading
CVSS V2: 5.0
CVSS V3: 5.3
Severity: MEDIUM
An exploitable information disclosure vulnerability exists in the Weave Legacy Pairing functionality of Nest Cam IQ Indoor version 4620002. A set of specially crafted Weave packets can cause an out-of-bounds read, resulting in information disclosure. An attacker can send packets to trigger this vulnerability. Nest Cam IQ Indoor contains an out-of-bounds vulnerability. Information may be obtained. An attacker could use this vulnerability to cause a buffer overflow or heap overflow. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations.
VAR-201908-0081 CVE-2019-5035 Nest Cam IQ Indoor Authentication vulnerability
CVSS V2: 6.8
CVSS V3: 9.0
Severity: CRITICAL
An exploitable information disclosure vulnerability exists in the Weave PASE pairing functionality of the Nest Cam IQ Indoor, version 4620002. A set of specially crafted Weave packets can brute force a pairing code, resulting in greater Weave access and potentially full device control. An attacker can send specially crafted packets to trigger this vulnerability. Google Nest Cam IQ Indoor is an indoor camera from Google in the United States.
VAR-201908-0082 CVE-2019-5036 Google Nest Cam IQ Indoor Access Control Error Vulnerability
CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
An exploitable denial-of-service vulnerability exists in the Weave error reporting functionality of the Nest Cam IQ Indoor, version 4620002. A specially crafted Weave packet can cause an arbitrary Weave Exchange Session to close, resulting in a denial of service. An attacker can send a specially crafted packet to trigger this vulnerability.
VAR-201908-0083 CVE-2019-5037 Google Nest Cam IQ Indoor Input Validation Error Vulnerability
CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
An exploitable denial-of-service vulnerability exists in the Weave certificate loading functionality of Nest Cam IQ Indoor camera, version 4620002. A specially crafted weave packet can cause an integer overflow and an out-of-bounds read on unmapped memory to occur, resulting in a denial of service. An attacker can send a specially crafted packet to trigger
VAR-201908-0042 CVE-2019-6178 Iomega and LenovoEMC NAS Vulnerable to information disclosure
CVSS V2: 4.3
CVSS V3: 5.3
Severity: MEDIUM
An information leakage vulnerability in Iomega and LenovoEMC NAS products could allow disclosure of some device details such as Share names through the device API when Personal Cloud is enabled. This does not allow read, write, delete, or any other access to the underlying file systems and their contents. Iomega and LenovoEMC NAS products contain an information disclosure vulnerability. Information may be obtained. LenovoEMC px12-350r is a network storage device of LenovoEMC. An attacker could exploit this vulnerability to disclose device details. The following products and versions are affected: px12-350r version 4.0.24.34808; ix12-300r version 4.0.24.34808; HMNHD (Home Media Network Hard Drive) (Cloud Edition) version 3.2.16.30221; StorCenter ix2-200 (Cloud Edition) version 3.2.16.30221; StorCenter ix4-200d (Cloud Edition) version 3.2.16.30221; StorCenter ix2-200 version 2.1.50.30227; StorCenter ix4-200d version 2.1.50.30227; StorCenter ix4-200rl version 2.1.50.30227.
VAR-201909-0865 CVE-2019-13953 YI M1 Mirrorless Camera Authentication vulnerability
CVSS V2: 8.3
CVSS V3: 8.8
Severity: HIGH
An exploitable authentication bypass vulnerability exists in the Bluetooth Low Energy (BLE) authentication module of YI M1 Mirrorless Camera V3.2-cn. An attacker can send a set of BLE commands to trigger this vulnerability, resulting in sensitive data leakage (e.g., personal photos). An attacker can also control the camera to record or take a picture after bypassing authentication. The Xiaoyi M1 is a mirrorless camera with built-in Bluetooth and wireless functions that can transfer photos to mobile phones. YI Technology M1 Mirrorless Camera is a digital camera produced by YI Technology of China.
VAR-201910-0278 CVE-2019-5043 Google Nest Cam IQ Indoor Resource Management Error Vulnerability
CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
An exploitable denial-of-service vulnerability exists in the Weave daemon of the Nest Cam IQ Indoor, version 4620002. A set of TCP connections can cause unrestricted resource allocation, resulting in a denial of service. An attacker can connect multiple times to trigger this vulnerability. Google Nest Cam IQ Indoor is an indoor camera from Google. The Weave daemon in Google Nest Cam IQ Indoor 4620002 has a resource management error vulnerability that stems from improper management of system resources (such as memory, disk space, files, etc.) by network systems or products. An attacker can exploit it to cause a denial of service.
VAR-201908-0085 CVE-2019-5039 Openweave-core Buffer error vulnerability
CVSS V2: 6.8
CVSS V3: 8.8
Severity: HIGH
An exploitable command execution vulnerability exists in the ASN1 certificate writing functionality of Openweave-core version 4.0.2. A specially crafted Weave certificate can trigger a heap-based buffer overflow, resulting in code execution. An attacker can craft a Weave certificate to trigger this vulnerability. Openweave-core contains a buffer error vulnerability. Information may be obtained or altered, and a denial-of-service (DoS) condition may result.
VAR-201908-0084 CVE-2019-5038 OpenWeave Openweave-core Buffer error vulnerability
CVSS V2: 6.8
CVSS V3: 8.8
Severity: HIGH
An exploitable command execution vulnerability exists in the print-tlv command of Weave tool. A specially crafted Weave TLV can trigger a stack-based buffer overflow, resulting in code execution. An attacker can trigger this vulnerability by convincing the user to open a specially crafted Weave command. OpenWeave Openweave-core contains a buffer error vulnerability. Information may be obtained or altered, and a denial-of-service (DoS) condition may result.
VAR-201911-1050 CVE-2019-1981 Authentication vulnerabilities in multiple Cisco products
CVSS V2: 5.0
CVSS V3: 5.8
Severity: MEDIUM
A vulnerability in the normalization functionality of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to insufficient normalization of a text-based payload. An attacker could exploit this vulnerability by sending traffic that contains specifically obfuscated payloads through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious payloads to protected systems that would otherwise be blocked. Cisco Firepower Management Center (FMC) and the other affected software are Cisco products.
VAR-201911-1052 CVE-2019-1978 Authentication vulnerabilities in multiple Cisco products
CVSS V2: 5.0
CVSS V3: 5.8
Severity: MEDIUM
A vulnerability in the stream reassembly component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper reassembly of traffic streams. An attacker could exploit this vulnerability by sending crafted streams through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems that would otherwise be blocked. Cisco Firepower Management Center (FMC) and the other affected software are Cisco products.
VAR-201911-1051 CVE-2019-1982 Inappropriate default permission vulnerability in multiple Cisco products
CVSS V2: 5.0
CVSS V3: 5.3
Severity: MEDIUM
A vulnerability in the HTTP traffic filtering component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper handling of HTTP requests, including those communicated over a secure HTTPS connection, that contain maliciously crafted headers. An attacker could exploit this vulnerability by sending malicious requests to an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems, allowing attackers to deliver malicious content that would otherwise be blocked. Cisco Firepower Management Center (FMC) and the other affected software are Cisco products.
VAR-201911-1053 CVE-2019-1980 Authentication vulnerabilities in multiple Cisco products
CVSS V2: 5.0
CVSS V3: 5.3
Severity: MEDIUM
A vulnerability in the protocol detection component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper detection of the initial use of a protocol on a nonstandard port. An attacker could exploit this vulnerability by sending traffic on a nonstandard port for the protocol in use through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems that would otherwise be blocked. Once the initial protocol flow on the nonstandard port is detected, future flows on the nonstandard port will be successfully detected and handled as configured by the applied policy. Cisco Firepower Management Center (FMC) and the other affected software are Cisco products.
VAR-201908-0869 CVE-2019-13520 Fuji Electric Alpha5 SDP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
CVSS V2: 6.8
CVSS V3: 7.8
Severity: HIGH
Multiple buffer overflow issues have been identified in Alpha5 Smart Loader: All versions prior to 4.2. An attacker could use specially crafted project files to overflow the buffer and execute code under the privileges of the application. Alpha5 Smart Loader contains a buffer error vulnerability. Information may be obtained or altered, and a denial-of-service (DoS) condition may result. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Alpha5. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PLD files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of an administrator.
VAR-201908-1939 CVE-2019-11140 Intel Multiple vulnerabilities in the product
CVSS V2: 4.6
CVSS V3: 6.7
Severity: MEDIUM
Insufficient session validation in system firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. Intel NUC Kit NUC7i7DNx, etc. are all products of Intel Corporation of the United States. Intel NUC Kit NUC7i7DNx is a small computer host device. NUC Kit NUC7i5DNx is a small computer host device. Compute Stick STK2MV64CC is an external computing module. An input validation error vulnerability exists in the system firmware of several Intel products due to the program's insufficient session validation. A local attacker could exploit this vulnerability to elevate privileges, cause a denial of service and/or disclose information. The following products and versions are affected: Intel NUC Kit NUC7i7DNx; NUC Kit NUC7i5DNx; NUC Kit NUC7i3DNx; Compute Stick STK2MV64CC; Compute Card CD1IV128MK.
VAR-201908-0067 CVE-2019-3417 ZTE ZXHN F670 Command Injection Vulnerability
CVSS V2: 9.0
CVSS V3: 8.8
Severity: HIGH
All versions up to V1.1.10P3T18 of the ZTE ZXHN F670 product are impacted by a command injection vulnerability. Due to insufficient parameter validation, an authorized user can exploit this vulnerability to take control of the user's router system. ZTE ZXHN F670 contains a command injection vulnerability. Information may be obtained or altered, and a denial-of-service (DoS) condition may result. ZTE ZXHN F670 is a modem from ZTE Corporation of China. An attacker could exploit the vulnerability to execute an illegal command. This vulnerability stems from the fact that the network system or product does not correctly filter special elements in the process of constructing executable commands from external input data.