VARIoT IoT vulnerabilities database
| VAR-202411-1660 | CVE-2024-11803 | Fuji Electric's Tellus Lite V-Simulator Out-of-bounds write vulnerability in |
CVSS V2: - CVSS V3: 7.8 Severity: HIGH |
Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of V8 files in the V-Simulator 5 component. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24771. (DoS) It may be in a state
| VAR-202411-1739 | CVE-2024-11787 | Fuji Electric's Monitouch V-SFT Out-of-bounds write vulnerability in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Fuji Electric Monitouch V-SFT V10 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of V10 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24413. Fuji Electric's Monitouch V-SFT Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Fuji Electric Monitouch V-SFT is a configuration software for human-machine interface (HMI) provided by Fuji Electric Corporation. It supports a variety of functions, including custom home screen, PDF document viewer, video player, alarm message, 10 pop-up windows, etc
| VAR-202411-1622 | CVE-2024-11791 | Fuji Electric's Monitouch V-SFT Out-of-bounds write vulnerability in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Fuji Electric Monitouch V-SFT V8C File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of V8C files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24450. Fuji Electric's Monitouch V-SFT Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Fuji Electric Monitouch V-SFT is human-machine interface (HMI) configuration software developed by Fuji Electric. It is primarily used in industrial automation and provides functions such as touchscreen interface design, PDF document viewing, video playback, and alarm notifications
| VAR-202411-1631 | CVE-2024-11789 | Fuji Electric's Monitouch V-SFT Out-of-bounds write vulnerability in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Fuji Electric Monitouch V-SFT V10 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of V10 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24448. Fuji Electric's Monitouch V-SFT Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Fuji Electric Monitouch V-SFT is a configuration software for human-machine interface (HMI) provided by Fuji Electric Corporation
| VAR-202411-1638 | CVE-2024-11800 | Fuji Electric's Tellus Lite V-Simulator Out-of-bounds write vulnerability in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of V8 files in the V-Simulator 5 component. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24768. Fuji Electric's Tellus Lite V-Simulator Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. It is primarily used to collect real-time data from devices such as PLCs, temperature controllers, and inverters. An attacker can exploit this vulnerability by submitting a specially crafted file request to trick the user into parsing the file, potentially causing the application to crash or executing arbitrary code within the application context
| VAR-202411-1725 | CVE-2024-11801 | Fuji Electric's Tellus Lite V-Simulator Out-of-bounds write vulnerability in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of V8 files in the V-Simulator 5 component. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24769. (DoS) It may be in a state. It is primarily used to collect real-time data from devices such as PLCs, temperature controllers, and inverters. An attacker can exploit this vulnerability by submitting a specially crafted file request to trick the user into parsing the file, potentially causing the application to crash or executing arbitrary code within the application context
| VAR-202411-1649 | CVE-2024-11799 | Fuji Electric's Tellus Lite V-Simulator Out-of-bounds write vulnerability in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of V8 files in the V-Simulator 5 component. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24664. Fuji Electric's Tellus Lite V-Simulator Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. It is primarily used to collect real-time data from devices such as PLCs, temperature controllers, and inverters. An attacker can exploit this vulnerability by submitting a specially crafted file request to trick the user into parsing the file, potentially causing the application to crash or executing arbitrary code within the application context
| VAR-202411-1620 | CVE-2024-11802 | Fuji Electric's Tellus Lite V-Simulator Out-of-bounds write vulnerability in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of V8 files in the V-Simulator 5 component. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24770. Fuji Electric's Tellus Lite V-Simulator Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. It is primarily used to collect real-time data from devices such as PLCs, temperature controllers, and inverters. An attacker can exploit this vulnerability by submitting a specially crafted file request to trick the user into parsing the file, potentially causing the application to crash or executing arbitrary code within the application context
| VAR-202411-1568 | CVE-2024-11745 | Shenzhen Tenda Technology Co.,Ltd. of AC8 Out-of-bounds write vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability was found in Tenda AC8 16.03.34.09 and classified as critical. Affected by this issue is the function route_static_check of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of AC8 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Tenda AC8 is a wireless router produced by Tenda Corporation, used for home and small business network connections. An attacker can exploit this vulnerability to execute arbitrary code
| VAR-202411-3254 | CVE-2017-11076 | Buffer error vulnerability in multiple Qualcomm products |
CVSS V2: - CVSS V3: 9.8 Severity: CRITICAL |
On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder. MSM8909W firmware, MSM8996AU firmware, SD 210 Multiple Qualcomm products such as firmware contain a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
| VAR-202411-3091 | CVE-2024-53101 | Linux of Linux Kernel Vulnerability in using uninitialized resources in |
CVSS V2: 7.2 CVSS V3: 5.5 Severity: MEDIUM |
In the Linux kernel, the following vulnerability has been resolved:
fs: Fix uninitialized value issue in from_kuid and from_kgid
ocfs2_setattr() uses attr->ia_mode, attr->ia_uid and attr->ia_gid in
a trace point even though ATTR_MODE, ATTR_UID and ATTR_GID aren't set.
Initialize all fields of newattrs to avoid uninitialized variables, by
checking if ATTR_MODE, ATTR_UID, ATTR_GID are initialized, otherwise 0. Linux of Linux Kernel Exists in the use of uninitialized resources.Service operation interruption (DoS) It may be in a state. The RUGGEDCOM RST2428P is a Layer 2 Ethernet switch based on SINEC OS with up to 28 non-blocking interfaces. SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) and human-machine interfaces (HMIs).
Multiple vulnerabilities exist in third-party components prior to SIEMENS SINEC OS V3.2. These vulnerabilities could be exploited to corrupt values, leading to undefined behavior or security issues
| VAR-202411-1479 | CVE-2024-11650 | Shenzhen Tenda Technology Co.,Ltd. of i9 in the firmware NULL Pointer dereference vulnerability |
CVSS V2: 6.8 CVSS V3: 6.5 Severity: High |
A vulnerability was found in Tenda i9 1.0.0.8(3828) and classified as critical. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation leads to null pointer dereference. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of i9 The firmware has NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state. Tenda i9 is a ceiling-mounted wireless access point from China's Tenda company. An attacker can exploit this vulnerability to cause a denial of service
| VAR-202411-1370 | CVE-2024-52034 | mySCADA myPRO Manager Operating System Command Injection Vulnerability (CNVD-2024-46408) |
CVSS V2: 10.0 CVSS V3: 10.0 Severity: Critical |
An OS Command Injection vulnerability exists within myPRO Manager. A parameter within a command can be exploited by an unauthenticated remote attacker to inject arbitrary operating system commands. mySCADA myPRO is a professional HMI/SCADA system designed primarily for visualization and control of industrial processes
| VAR-202411-1373 | CVE-2024-50054 | mySCADA myPRO Manager Directory Traversal Vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: High |
The back-end does not sufficiently verify the user-controlled filename parameter which makes it possible for an attacker to perform a path traversal attack and retrieve arbitrary files from the file system. mySCADA myPRO is a professional HMI/SCADA system designed primarily for visualization and control of industrial processes.
mySCADA myPRO Manager has a directory traversal vulnerability that an attacker can exploit to submit special requests to view system file contents in the context of the application and obtain sensitive information
| VAR-202411-1369 | CVE-2024-47407 | mySCADA myPRO Manager OS Command Injection Vulnerability |
CVSS V2: 10.0 CVSS V3: 10.0 Severity: Critical |
A parameter within a command does not properly validate input within myPRO Manager which could be exploited by an unauthenticated remote attacker to inject arbitrary operating system commands. mySCADA myPRO is a professional HMI/SCADA system designed primarily for visualization and control of industrial processes
| VAR-202411-1371 | CVE-2024-47138 | mySCADA myPRO Manager Access Control Error Vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: Critical |
The administrative interface listens by default on all interfaces on a TCP port and does not require authentication when being accessed. mySCADA myPRO is a professional HMI/SCADA system designed primarily for visualization and control of industrial processes.
mySCADA myPRO Manager has an access control error vulnerability that allows attackers to submit special requests and gain unauthorized access to resources
| VAR-202411-1372 | CVE-2024-45369 | mySCADA myPRO Manager Authorization Issue Vulnerability |
CVSS V2: 7.6 CVSS V3: 8.1 Severity: Critical |
The web application uses a weak authentication mechanism to verify that a request is coming from an authenticated and authorized resource. mySCADA myPRO is a professional HMI/SCADA system designed for visualization and control of industrial processes.
mySCADA myPRO Manager has an authorization vulnerability that allows attackers to submit special requests and access resources without authorization
| VAR-202411-2348 | CVE-2024-52723 | TOTOLINK of x6000r in the firmware OS Command injection vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
In TOTOLINK X6000R V9.4.0cu.1041_B20240224 in the shttpd file, the Uci_Set Str function is used without strict parameter filtering. An attacker can achieve arbitrary command execution by constructing the payload. TOTOLINK of x6000r The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK X6000R is a wireless router produced by China's TOTOLINK Electronics.
TOTOLINK X6000R has a security vulnerability
| VAR-202411-1990 | CVE-2024-53335 | TOTOLINK of a810r Classic buffer overflow vulnerability in firmware |
CVSS V2: 6.8 CVSS V3: 7.8 Severity: HIGH |
TOTOLINK A810R V4.1.2cu.5182_B20201026 is vulnerable to Buffer Overflow in downloadFlile.cgi. TOTOLINK of a810r Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK A810R is a wireless dual-band router from China's TOTOLINK Electronics.
TOTOLINK A810R has a buffer overflow vulnerability, which is caused by the failure of downloadFlile.cgi to properly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service
| VAR-202411-1752 | CVE-2024-53334 | TOTOLINK of a810r Classic buffer overflow vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: HIGH |
TOTOLINK A810R V4.1.2cu.5182_B20201026 is vulnerable to Buffer Overflow in infostat.cgi. TOTOLINK of a810r Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK A810R is a wireless dual-band router produced by China's TOTOLINK Electronics. A remote attacker can use this vulnerability to submit special requests, which can cause the service program to crash or execute arbitrary code in the application context