VARIoT IoT vulnerabilities database


VAR-201901-1003 CVE-2018-4256 macOS High Sierra out-of-bounds read vulnerability
CVSS V2: 2.1
CVSS V3: 5.5
Severity: MEDIUM
In macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation. Apple macOS High Sierra is a dedicated operating system developed by Apple for Mac computers. AMD is one of its components. A local attacker could exploit this vulnerability to read kernel memory.
VAR-201901-1002 CVE-2018-4255 macOS High Sierra out-of-bounds read vulnerability
CVSS V2: 2.1
CVSS V3: 5.5
Severity: MEDIUM
In macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation. Apple macOS High Sierra is a dedicated operating system developed by Apple for Mac computers. AMD is one of its components. A local attacker could exploit this vulnerability to read kernel memory.
VAR-201901-1001 CVE-2018-4254 macOS High Sierra input validation vulnerability
CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
In macOS High Sierra before 10.13.5, an input validation issue existed in the kernel. This issue was addressed with improved input validation. Apple macOS High Sierra is a dedicated operating system developed by Apple for Mac computers. AMD is one of its components. An attacker could exploit this vulnerability to execute arbitrary code with kernel privileges.
VAR-201901-0431 CVE-2017-2411 iOS vulnerability related to security functions
CVSS V2: 4.3
CVSS V3: 5.9
Severity: MEDIUM
In iOS before 11.2, exchange rates were retrieved over HTTP rather than HTTPS. This was addressed by enabling HTTPS for exchange rates. Apple iOS is an operating system developed by Apple for mobile devices. Calculator is its calculator component. A security vulnerability exists in the Calculator component of Apple iOS prior to 11.2. An attacker could exploit this vulnerability to change currency exchange rates.
VAR-201901-0429 CVE-2017-13891 iOS user interface vulnerability
CVSS V2: 4.3
CVSS V3: 6.5
Severity: MEDIUM
In iOS before 11.2, an inconsistent user interface issue was addressed through improved state management. Apple iOS is an operating system developed by Apple for mobile devices. SafariViewController is one of its web browser components. A security vulnerability exists in the SafariViewController component in Apple iOS versions prior to 11.2. An attacker can use this vulnerability to forge the content of the address bar by using a malicious website.
VAR-201901-0428 CVE-2017-13889 macOS High Sierra vulnerability related to authorization, permissions, and access control
CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, a logic error existed in the validation of credentials. This was addressed with improved credential validation. macOS High Sierra contains a vulnerability related to authorization, permissions, and access control due to a deficiency in the processing of credential verification. Information may be obtained or altered, and service operation may be disrupted (DoS). Apple macOS High Sierra is a dedicated operating system developed by Apple for Mac computers. Security is one of its security components. An attacker could exploit this vulnerability to bypass administrator authentication (without requiring an administrator password).
VAR-201901-0427 CVE-2017-13888 iOS type confusion vulnerability
CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
In iOS before 11.2, a type confusion issue was addressed with improved memory handling. Apple iOS is an operating system developed by Apple for mobile devices. ReplayKit is one of its screen recording components. An attacker could exploit this vulnerability to prevent users from controlling their screencasts.
VAR-201901-0426 CVE-2017-13887 Logic vulnerability in APFS of macOS High Sierra
CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
In macOS High Sierra before 10.13.2, a logic issue existed in APFS when deleting keys during hibernation. This was addressed with improved state management. Apple macOS High Sierra is a dedicated operating system developed by Apple for Mac computers. APFS is the file system component specific to Apple devices. There is a security vulnerability in the APFS component in Apple macOS High Sierra version 10.13.1. The vulnerability stems from the fact that the APFS encryption key may not be safely deleted after hibernation. There is currently no further information about this vulnerability; keep an eye on CNNVD or vendor announcements.
VAR-201901-0425 CVE-2017-13886 macOS High Sierra access vulnerability in privileged WiFi system settings
CVSS V2: 4.0
CVSS V3: 6.5
Severity: MEDIUM
In macOS High Sierra before 10.13.2, an access issue existed with privileged WiFi system configuration. This issue was addressed with additional restrictions. Apple macOS High Sierra is a dedicated operating system developed by Apple for Mac computers. Wi-Fi is one of its wireless Internet access components. Attackers can use this vulnerability to change WiFi system parameters, resulting in denial of service.
VAR-201901-0388 CVE-2016-7576 iOS memory corruption vulnerability
CVSS V2: 9.3
CVSS V3: 7.8
Severity: HIGH
In iOS before 9.3.3, a memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. Apple iOS is an operating system developed by Apple for mobile devices. GasGauge is one of its battery fuel gauge components. A security vulnerability exists in the GasGauge component of Apple iOS prior to 9.3.3. An attacker could exploit this vulnerability with a malicious application to execute arbitrary code with kernel privileges (kernel corruption).
VAR-201901-0387 CVE-2016-4642 Vulnerability in multiple Apple products where an HTTP proxy is incorrectly reported to have received authentication information
CVSS V2: 4.3
CVSS V3: 5.9
Severity: MEDIUM
In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, proxy authentication incorrectly reported that HTTP proxies received credentials securely. This issue was addressed through improved warnings.
VAR-201901-0379 CVE-2016-4644 Downgrade vulnerability in multiple Apple products
CVSS V2: 4.0
CVSS V3: 6.5
Severity: MEDIUM
In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a downgrade issue existed with HTTP authentication credentials saved in Keychain. This issue was addressed by storing the authentication types with the credentials. Apple iOS, tvOS, and OS X El Capitan are all products of Apple Inc. in the United States. Apple iOS is an operating system developed for mobile devices; tvOS is a smart TV operating system; OS X El Capitan is a dedicated operating system developed for Mac computers. CFNetwork Proxies is one of the components used to handle proxy connection responses. An attacker could exploit this vulnerability to disclose sensitive user information.
VAR-201901-0378 CVE-2016-4643 407 response parsing vulnerability in multiple Apple products
CVSS V2: 4.0
CVSS V3: 6.5
Severity: MEDIUM
In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a validation issue existed in the parsing of 407 responses. This issue was addressed through improved response validation. Apple iOS, tvOS, and OS X El Capitan are all products of Apple Inc. in the United States. Apple iOS is an operating system developed for mobile devices; tvOS is a smart TV operating system; OS X El Capitan is a dedicated operating system developed for Mac computers. CFNetwork Proxies is one of the components used to handle proxy connection responses. An attacker could exploit this vulnerability to disclose sensitive user information.
VAR-201901-0457 CVE-2018-12167 Intel(R) Optane(TM) SSD DC P4800X input validation vulnerability
CVSS V2: 2.1
CVSS V3: 4.4
Severity: MEDIUM
Firmware update routine in bootloader for Intel(R) Optane(TM) SSD DC P4800X before version E2010435 may allow a privileged user to potentially enable a denial of service via local access. Intel(R) Optane(TM) SSD DC P4800X contains an input validation vulnerability. Service operation may be interrupted (DoS). Intel Optane SSD DC P4800X is a solid state drive from Intel Corporation of the United States. A security vulnerability exists in the firmware update subroutine of the bootloader in Intel Optane SSD DC P4800X versions prior to E2010435. A local attacker can exploit this vulnerability to cause a denial of service.
VAR-201901-0456 CVE-2018-12166 Intel(R) Optane(TM) SSD DC P4800X input validation vulnerability
CVSS V2: 2.1
CVSS V3: 4.4
Severity: MEDIUM
Insufficient write protection in firmware for Intel(R) Optane(TM) SSD DC P4800X before version E2010435 may allow a privileged user to potentially enable a denial of service via local access. Intel(R) Optane(TM) SSD DC P4800X contains an input validation vulnerability. Service operation may be interrupted (DoS). Intel Optane SSD DC P4800X is a solid state drive from Intel Corporation of the United States. A security vulnerability exists in the firmware of Intel Optane SSD DC P4800X versions prior to E2010435 because the program fails to enforce write protection. A local attacker can exploit this vulnerability to cause a denial of service.
VAR-201901-0858 CVE-2018-19027 OMRON CX-One CX-Protocol CObject Type Confusion Remote Code Execution Vulnerability
CVSS V2: 6.8
CVSS V3: 7.8
Severity: HIGH
Three type confusion vulnerabilities exist in CX-One Versions 4.50 and prior and CX-Protocol Versions 2.0 and prior when processing project files. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application. CX-One, provided by OMRON Corporation, contains a vulnerability that allows arbitrary code execution. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of PSW files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. Omron CX-One is an integrated toolkit from Omron of Japan that includes networking, PT, frequency converters, temperature controllers, and PLC programming software. CX-Protocol is one of its components, used to create serial communication protocols for communicating with standard serial devices. Omron CX-Protocol is prone to multiple arbitrary code-execution vulnerabilities. Failed exploits will result in denial-of-service conditions.
VAR-201901-0856 CVE-2018-19021 Emerson DeltaV Distributed Control System Authentication Bypass Vulnerability
CVSS V2: 3.3
CVSS V3: 6.5
Severity: MEDIUM
A specially crafted script could bypass the authentication of a maintenance port of Emerson DeltaV DCS Versions 11.3.1, 11.3.2, 12.3.1, 13.3.1, 14.3, R5.1, R6 and prior, which may allow an attacker to cause a denial of service. Emerson DeltaV DCS contains a vulnerability related to authorization, permissions, and access control. Service operation may be interrupted (DoS). The Emerson DeltaV Distributed Control System is an automated distributed control system from Emerson Electric. The system includes network security management, alarm management, batch control and change management. Emerson DeltaV is prone to an authentication-bypass vulnerability. DeltaV Distributed Control System 11.3.1, 11.3.2, 12.3.1, 13.3.1, 14.3, R5.1, R6 and prior are vulnerable.
VAR-201901-0860 CVE-2018-18985 Multiple Tridium Niagara products vulnerable to cross-site scripting
CVSS V2: 3.5
CVSS V3: 5.4
Severity: MEDIUM
In Tridium Niagara Enterprise Security 2.3u1, all versions prior to 2.3.118.6, Niagara AX 3.8u4, all versions prior to 3.8.401.1, Niagara 4.4u2, all versions prior to 4.4.93.40.2, and Niagara 4.6, all versions prior to 4.6.96.28.4, a cross-site scripting vulnerability has been identified that may allow a remote attacker to inject code into some web pages, affecting confidentiality. Multiple Tridium Niagara products contain a cross-site scripting vulnerability. Information may be obtained and information may be altered. Multiple Tridium products are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
VAR-201904-0637 CVE-2018-13810 CP 1604 and CP 1616 vulnerable to cross-site request forgery
CVSS V2: 4.3
CVSS V3: 6.5
Severity: MEDIUM
A vulnerability has been identified in CP 1604 (All versions), CP 1616 (All versions). The integrated configuration web server of the affected CP devices could allow a Cross-Site Request Forgery (CSRF) attack if an unsuspecting user is tricked into accessing a malicious link. Successful exploitation requires user interaction by a legitimate user. A successful attack could allow an attacker to trigger actions via the web interface that the legitimate user is allowed to perform. At the time of advisory publication no public exploitation of this vulnerability was known. CP 1604 and CP 1616 contain a cross-site request forgery vulnerability. Information may be tampered with. The SIEMENS CP1604 is used to connect a PCI-104 system to PROFINET IO. The SIEMENS CP1616 is an innovative product that is installed in a PC for PROFINET communication. Siemens CP1604 and CP1616 are prone to the following security vulnerabilities: (1) an information disclosure vulnerability, (2) a cross-site scripting vulnerability, (3) a cross-site request forgery vulnerability. Attackers can exploit these issues to obtain sensitive information, or execute arbitrary code or arbitrary HTML or script code in the browser of an unsuspecting user within the context of the affected application. This can allow the attacker to steal cookie-based authentication credentials and aid in further attacks. The following products and versions are vulnerable: all versions prior to Siemens CP1604 2.8 and all versions prior to Siemens CP1616 2.8. The vulnerability stems from the fact that the web application does not fully verify whether the request is from a trusted user. An attacker could exploit this vulnerability to send unexpected requests to the server through an affected client.
VAR-201904-0635 CVE-2018-13808 CP 1604 and CP 1616 vulnerable to information disclosure
CVSS V2: 6.4
CVSS V3: 9.1
Severity: CRITICAL
A vulnerability has been identified in CP 1604 (All versions), CP 1616 (All versions). An attacker with network access to port 23/tcp could extract internal communication data or cause a Denial-of-Service condition. Successful exploitation requires network access to a vulnerable device. At the time of advisory publication no public exploitation of this vulnerability was known. CP 1604 and CP 1616 contain an information disclosure vulnerability. Information may be obtained and service operation may be interrupted (DoS). The SIEMENS CP1604 is used to connect a PCI-104 system to PROFINET IO. The SIEMENS CP1616 is an innovative product that is installed in a PC for PROFINET communication. A denial of service vulnerability exists in the SIEMENS CP1604 and CP1616 devices. Siemens CP1604 and CP1616 are prone to the following security vulnerabilities: (1) an information disclosure vulnerability, (2) a cross-site scripting vulnerability, (3) a cross-site request forgery vulnerability. Attackers can exploit these issues to obtain sensitive information, or execute arbitrary code or arbitrary HTML or script code in the browser of an unsuspecting user within the context of the affected application. This can allow the attacker to steal cookie-based authentication credentials and aid in further attacks. The following products and versions are vulnerable: all versions prior to Siemens CP1604 2.8 and all versions prior to Siemens CP1616 2.8.