VARIoT IoT vulnerabilities database

ABB Panel Builder 800 all versions has an improper input validation vulnerability which may allow an attacker to insert and run arbitrary code on a computer where the affected product is used. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the IPAddress parameter of the ABB BeFesto OPC Driver. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of an administrator. ABB Panel Builder 800 is a web-based HMI (Human Machine Interface) system from ABB, Switzerland

Multiple vulnerabilities exist in the Cisco Webex Network Recording Player for Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by providing a user with a malicious .arf or .wrf file via email or URL and convincing the user to launch the file in the Webex recording players. Exploitation of these vulnerabilities could allow arbitrary code execution on the system of a targeted user. These vulnerabilities affect ARF and WRF recording players available from Cisco Webex Meetings Suite sites, Cisco Webex Meetings Online sites, and Cisco Webex Meetings Server. Cisco Bug IDs: CSCvi02621, CSCvi02965, CSCvi63329, CSCvi63333, CSCvi63335, CSCvi63374, CSCvi63376, CSCvi63377, CSCvi63391, CSCvi63392, CSCvi63396, CSCvi63495, CSCvi63497, CSCvi63498, CSCvi82684, CSCvi82700, CSCvi82705, CSCvi82725, CSCvi82737, CSCvi82742, CSCvi82760, CSCvi82771, CSCvj51284, CSCvj51294. Vendors have confirmed this vulnerability Bug IDs: CSCvi02621 , CSCvi02965 , CSCvi63329 , CSCvi63333 , CSCvi63335 , CSCvi63374 , CSCvi63376 , CSCvi63377 , CSCvi63391 , CSCvi63392 , CSCvi63396 , CSCvi63495 , CSCvi63497 , CSCvi63498 , CSCvi82684 , CSCvi82700 , CSCvi82705 , CSCvi82725 , CSCvi82737 , CSCvi82742 , CSCvi82760 , CSCvi82771 , CSCvj51284 , CSCvj51294 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. When parsing an ARF file, the process does not properly validate the length of user-supplied data prior to copying it to a heap-based buffer. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Recorder and Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of WRF files. Crafted data can trigger an overflow of a heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process

Multiple vulnerabilities exist in the Cisco Webex Network Recording Player for Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by providing a user with a malicious .arf or .wrf file via email or URL and convincing the user to launch the file in the Webex recording players. Exploitation of these vulnerabilities could cause an affected player to crash, resulting in a denial of service (DoS) condition. The Cisco Webex players are applications that are used to play back Webex meetings that have been recorded by an online meeting attendee. The Webex Network Recording Player for .arf files can be automatically installed when the user accesses a recording that is hosted on a Webex server. The Webex Player for .wrf files can be downloaded manually. These vulnerabilities affect ARF and WRF recording players available from Cisco Webex Meetings Suite sites, Cisco Webex Meetings Online sites, and Cisco Webex Meetings Server. Cisco Bug IDs: CSCvh70253, CSCvh70268, CSCvh72272, CSCvh72281, CSCvh72285, CSCvi60477, CSCvi60485, CSCvi60490, CSCvi60520, CSCvi60529, CSCvi60533. Vendors have confirmed this vulnerability Bug ID CSCvh70253 , CSCvh70268 , CSCvh72272 , CSCvh72281 , CSCvh72285 , CSCvi60477 , CSCvi60485 , CSCvi60490 , CSCvi60520 , CSCvi60529 ,and CSCvi60533 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state

A vulnerability in the configuration and management service of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary code with vmanage user privileges or cause a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient access restrictions to the HTTP management interface of the affected solution. An attacker could exploit this vulnerability by sending a malicious HTTP request to the affected management service through an authenticated device. A successful exploit could allow the attacker to execute arbitrary code with vmanage user privileges or stop HTTP services on an affected system. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vBond Orchestrator Software, vEdge 100 Series Routers, vEdge 1000 Series Routers, vEdge 2000 Series Routers, vEdge 5000 Series Routers, vEdge Cloud Router Platform, vManage Network Management Software, vSmart Controller Software. Cisco Bug IDs: CSCvi69976. Vendors have confirmed this vulnerability Bug ID CSCvi69976 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. CiscovBondOrchestratorSoftware and others are products of Cisco. CiscovBondOrchestratorSoftware is a set of secure network extension management software. The vEdge100SeriesRouters is a 100 Series router product. SD-WANSolution is a set of network expansion solutions running in it. Failed exploit attempts may result in a denial-of-service condition

A vulnerability in the DHCPv6 feature of the Cisco Nexus 9000 Series Fabric Switches in Application-Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause the device to run low on system memory, which could result in a Denial of Service (DoS) condition on an affected system. The vulnerability is due to improper memory management when DHCPv6 packets are received on an interface of the targeted device. An attacker could exploit this vulnerability by sending a high number of malicious DHCPv6 packets to be processed by an affected device. A successful exploit could allow the attacker to cause the system to run low on memory, which could cause an eventual reboot of an affected device. The vulnerability only applies to IPv6 protocol packets and not for IPv4 protocol packets. This vulnerability affects Cisco Nexus 9000 Series Fabric Switches in ACI Mode running software version 13.0(1k). The vulnerability can only be exploited when unicast routing is enabled on the Bridge Domain (BD). DHCP and DHCP relay do not have to be configured for the vulnerability to be exploited. Cisco Bug IDs: CSCvg38918. Vendors have confirmed this vulnerability Bug IDs: CSCvg38918 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state

A vulnerability in the Open Systems Gateway initiative (OSGi) interface of Cisco Policy Suite before 18.1.0 could allow an unauthenticated, remote attacker to directly connect to the OSGi interface. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by directly connecting to the OSGi interface. An exploit could allow the attacker to access or change any files that are accessible by the OSGi process. Cisco Bug IDs: CSCvh18017. Cisco Policy Suite Is vulnerable to a lack of authentication for critical functions. Vendors have confirmed this vulnerability Bug IDs: CSCvh18017 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. An attacker can exploit this issue to bypass authentication mechanism and perform unauthorized actions. This may lead to further attacks. This solution provides functions such as user-based business rules, real-time management of applications and network resources

A vulnerability in the Policy Builder interface of Cisco Policy Suite before 18.2.0 could allow an unauthenticated, remote attacker to access the Policy Builder interface. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by accessing the Policy Builder interface. A successful exploit could allow the attacker to make changes to existing repositories and create new repositories. Cisco Bug IDs: CSCvi35109. Vendors have confirmed this vulnerability Bug IDs: CSCvi35109 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. This solution provides functions such as user-based business rules, real-time management of applications and network resources

A vulnerability in the web framework of Cisco Webex could allow an unauthenticated, remote attacker to conduct a Document Object Model-based (DOM-based) cross-site scripting (XSS) attack against the user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain parameters that are passed to the affected software by using the HTTP POST method. An attacker who can submit malicious scripts to the affected user interface element could execute arbitrary script or HTML code in the user's browser in the context of the affected site. Cisco Bug IDs: CSCvj33287. Cisco Webex Contains a cross-site scripting vulnerability. Vendors have confirmed this vulnerability Bug ID CSCvj33287 It is released as.Information may be obtained and information may be altered. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. Cisco WebEx is a set of Web conferencing tools developed by American Cisco (Cisco), which can assist office workers in different places to coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM)

Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. Cisco Bug IDs: CSCvg70967. Vendors have confirmed this vulnerability Bug ID CSCvg70967 It is released as.Information may be obtained and information may be altered. This component integrates agent application and self-service voice service, and provides functions such as call distribution and customer access control. The vulnerability stems from the program's insufficient validation of user-submitted data

A vulnerability in the CLI of Cisco Policy Suite could allow an authenticated, local attacker to access files owned by another user. The vulnerability is due to insufficient access control permissions (i.e., World-Readable). An attacker could exploit this vulnerability by logging in to the CLI. An exploit could allow the attacker to access potentially sensitive files that are owned by a different user. Cisco Bug IDs: CSCvh18087. Vendors have confirmed this vulnerability Bug ID CSCvh18087 It is released as.Information may be obtained. This solution provides functions such as user-based business rules, real-time management of applications and network resources

A vulnerability in the web upload function of Cisco Cloud Services Platform 2100 could allow an authenticated, remote attacker to obtain restricted shell access on an affected system. The vulnerability is due to insufficient input validation of parameters passed to a specific function within the user interface. An attacker could exploit this vulnerability by injecting code into a function parameter. Cisco Bug IDs: CSCvi12935. Cisco Cloud Services Platform 2100 Contains a buffer error vulnerability. Vendors report this vulnerability Bug IDs: CSCvi12935 Published as.Information is acquired, information is falsified, and denial of service (DoS) May be in a state

Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack. Cisco Bug IDs: CSCvg71018. Vendors have confirmed this vulnerability Bug ID CSCvg71018 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. A successful exploit may allow an attacker to obtain sensitive information, perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible. Cisco Finesse is a set of call center management software developed by Cisco. The software improves call center service quality, improves customer experience, and increases agent satisfaction. A remote attacker can exploit this vulnerability to submit HTTP requests to arbitrary hosts by submitting specially crafted HTTP requests to the Cisco Finesse server

Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to retrieve a cleartext password. Cisco Bug IDs: CSCvg71040. Vendors have confirmed this vulnerability Bug ID CSCvg71040 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This component integrates agent application and self-service voice service, and provides functions such as call distribution and customer access control. A remote attacker could exploit this vulnerability by viewing an affected login form to retrieve clear text passwords

Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. Cisco Bug IDs: CSCvg70904. Vendors have confirmed this vulnerability Bug ID CSCvg70904 It is released as.Information may be obtained and information may be altered. This component integrates agent application and self-service voice service, and provides functions such as call distribution and customer access control. The vulnerability stems from the program's insufficient validation of user-submitted data

A Read-Only User Effect Change vulnerability in the Policy Builder interface of Cisco Policy Suite could allow an authenticated, remote attacker to make policy changes in the Policy Builder interface. The vulnerability is due to insufficient authorization controls. An attacker could exploit this vulnerability by accessing the Policy Builder interface and modifying an HTTP request. A successful exploit could allow the attacker to make changes to existing policies. Cisco Bug IDs: CSCvi35007. Vendors have confirmed this vulnerability Bug ID CSCvi35007 It is released as.Information may be tampered with. Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. This solution provides functions such as user-based business rules, real-time management of applications and network resources

A vulnerability in the web framework of the Cisco Unified Communications Manager IM and Presence Service software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain parameters passed to the web server. An attacker could exploit this vulnerability by convincing the user to access a malicious link or by intercepting the user request and injecting certain malicious code. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected site or allow the attacker to access sensitive browser-based information. Cisco Bug IDs: CSCve25985. Vendors have confirmed this vulnerability Bug ID CSCve25985 It is released as.Information may be obtained and information may be altered. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks

A vulnerability in the Policy Builder database of Cisco Policy Suite before 18.2.0 could allow an unauthenticated, remote attacker to connect directly to the Policy Builder database. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by connecting directly to the Policy Builder database. A successful exploit could allow the attacker to access and change any data in the Policy Builder database. Cisco Bug IDs: CSCvh06134. Cisco Policy Suite Is vulnerable to a lack of authentication for critical functions. Vendors have confirmed this vulnerability Bug ID CSCvh06134 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. An attacker can exploit this issue to bypass authentication mechanism and perform unauthorized actions. This may lead to further attacks. This solution provides functions such as user-based business rules, real-time management of applications and network resources

Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack. Cisco Bug IDs: CSCvg70921. Vendors have confirmed this vulnerability Bug ID CSCvg70921 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This component integrates agent application and self-service voice service, and provides functions such as call distribution and customer access control. A remote attacker could exploit this vulnerability by convincing a user of the interface to open a specially crafted link to download, create, modify, and delete metadata files

Shenzhen Hanglisheng Technology Co., Ltd. has been committed to the research and development, production and sales of industrial automation products since its establishment. The company was formerly a trading company specializing in foreign industrial control products. There is a memory corruption vulnerability in the all-in-one configuration software 2.0 of Shenzhen Hanglisheng Technology Co., Ltd. The vulnerability is due to the failure of HMICreator-V2 to verify the addressability of data in malformed project files. An attacker could use the vulnerability to read an illegal file reference in the project file, causing memory corruption. Successful exploitation of this vulnerability could also result in arbitrary code execution

Fuzhou Fuchang Weikong Electronic Technology Co., Ltd. is a high-tech company specializing in the research, development and sales of products in the field of automation. industry. LeviStudio has a denial of service vulnerability. By constructing a malformed Font.hft file, an attacker can exploit the vulnerability to launch a denial of service attack. The company produces industrial man-machine interfaces and universal PLC And other products used in machinery supporting, metallurgy, chemical, petroleum and other industries