VARIoT IoT vulnerabilities database
| VAR-202407-1947 | CVE-2024-39493 | Linux of Linux Kernel Vulnerability regarding lack of memory release after expiration in |
CVSS V2: 7.2 CVSS V3: 5.5 Severity: MEDIUM |
In the Linux kernel, the following vulnerability has been resolved:
crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak
Using completion_done to determine whether the caller has gone
away only works after a complete call. Furthermore it's still
possible that the caller has not yet called wait_for_completion,
resulting in another potential UAF.
Fix this by making the caller use cancel_work_sync and then freeing
the memory safely. Linux of Linux Kernel Contains a vulnerability regarding the lack of free memory after expiration.Service operation interruption (DoS) It may be in a state. The RUGGEDCOM RST2428P is a Layer 2 Ethernet switch based on the SINEC operating system with up to 28 non-blocking interfaces.
SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) or human-machine interfaces (HMIs).
Multiple vulnerabilities in third-party components of Siemens' SINEC OS could allow attackers to gain control of the server
| VAR-202407-1627 | CVE-2024-39489 | Linux of Linux Kernel Vulnerability regarding lack of memory release after expiration in |
CVSS V2: 7.2 CVSS V3: 5.5 Severity: MEDIUM |
In the Linux kernel, the following vulnerability has been resolved:
ipv6: sr: fix memleak in seg6_hmac_init_algo
seg6_hmac_init_algo returns without cleaning up the previous allocations
if one fails, so it's going to leak all that memory and the crypto tfms.
Update seg6_hmac_exit to only free the memory when allocated, so we can
reuse the code directly. Linux of Linux Kernel Contains a vulnerability regarding the lack of free memory after expiration.Service operation interruption (DoS) It may be in a state. The RUGGEDCOM RST2428P is a Layer 2 Ethernet switch based on the SINEC operating system with up to 28 non-blocking interfaces.
SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) or human-machine interfaces (HMIs).
Multiple vulnerabilities in third-party components of Siemens' SINEC OS could allow attackers to gain control of the server
| VAR-202407-1822 | CVE-2024-38301 | Dell's Alienware Command Center Vulnerability in |
CVSS V2: - CVSS V3: 7.8 Severity: HIGH |
Dell Alienware Command Center, version 5.7.3.0 and prior, contains an improper access control vulnerability. A low privileged attacker could potentially exploit this vulnerability, leading to denial of service on the local system and information disclosure. Dell's Alienware Command Center Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
| VAR-202407-1247 | CVE-2023-32472 | Dell's edge gateway 3200 firmware and edge gateway 5200 Out-of-bounds write vulnerability in firmware |
CVSS V2: 4.0 CVSS V3: 8.2 Severity: HIGH |
Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds write vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability leading to exposure of some code in System Management Mode, leading to arbitrary code execution or escalation of privilege. (DoS) It may be in a state. Dell Edge Gateway is a series of intelligent gateway devices from Dell in the United States. It is designed to aggregate, protect, analyze and relay data from various sensors and devices at the edge of the network. The vulnerability is caused by a boundary error when the application processes untrusted input
| VAR-202407-0943 | CVE-2023-32467 | Initialization vulnerability in multiple Dell products |
CVSS V2: - CVSS V3: 8.2 Severity: HIGH |
Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds write vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability leading to exposure of some UEFI code, leading to arbitrary code execution or escalation of privilege. (DoS) It may be in a state
| VAR-202407-0234 | CVE-2024-39883 | Delta Electronics CNCSoft-G2 DPAX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process. Delta Electronics, INC. of cncsoft-g2 Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2
| VAR-202407-0235 | CVE-2024-39882 | Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process. Delta Electronics Provided by CNCSoft-G2 The following multiple vulnerabilities exist in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. Delta Electronics CNCSoft-G2 is a human-machine interface (HMI) software from Delta Electronics, a Chinese company
| VAR-202407-0232 | CVE-2024-39881 | Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a memory corruption condition. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process. Delta Electronics, INC. of cncsoft-g2 Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2
| VAR-202407-0233 | CVE-2024-39880 | Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process. Delta Electronics, INC. of cncsoft-g2 Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2
| VAR-202407-0512 | CVE-2023-48194 | Shenzhen Tenda Technology Co.,Ltd. of ac8v4 Firmware vulnerabilities |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing set_client_qos, control over the gp register can be obtained. Shenzhen Tenda Technology Co.,Ltd. of ac8v4 There are unspecified vulnerabilities in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The Tenda AC8 is a dual-gigabit wireless router designed for homes with fiber optic connections up to 1000 Mbps. It supports IPv6 and features intelligent network management
| VAR-202407-0359 | CVE-2024-38015 | Microsoft's Microsoft Windows Server Service operation interruption in (DoS) Vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
| VAR-202407-2006 | CVE-2024-23663 | fortinet's FortiExtender Firmware vulnerabilities |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: HIGH |
An improper access control in Fortinet FortiExtender 4.1.1 - 4.1.9, 4.2.0 - 4.2.6, 5.3.2, 7.0.0 - 7.0.4, 7.2.0 - 7.2.4 and 7.4.0 - 7.4.2 allows an attacker to create users with elevated privileges via a crafted HTTP request. fortinet's FortiExtender There are unspecified vulnerabilities in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Fortinet FortiExtender is a wireless WAN (Wide Area Network) extender device from Fortinet, an American company.
Fortinet FortiExtender has an access control error vulnerability, which is caused by improper access control
| VAR-202407-0139 | CVE-2024-39876 | Siemens' SINEMA Remote Connect Server Vulnerability in resource allocation without restrictions or throttling in |
CVSS V2: 2.1 CVSS V3: 4.0 Severity: MEDIUM |
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected applications do not properly handle log rotation. This could allow an unauthenticated remote attacker to cause a denial of service condition through resource exhaustion on the device. The platform is mainly used for remote access, maintenance, control and diagnosis of underlying networks
| VAR-202407-0140 | CVE-2024-39875 | Siemens' SINEMA Remote Connect Server Vulnerability in improper permission assignment for critical resources in |
CVSS V2: 5.0 CVSS V3: 4.3 Severity: MEDIUM |
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application allows authenticated, low privilege users with the 'Manage own remote connections' permission to retrieve details about other users and group memberships. The platform is mainly used for remote access, maintenance, control and diagnosis of underlying networks
| VAR-202407-0135 | CVE-2024-39874 | Siemens' SINEMA Remote Connect Server Vulnerability in improperly limiting excessive authentication attempts in |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application does not properly implement brute force protection against user credentials in its Client Communication component. This could allow an attacker to learn user credentials that are vulnerable to brute force attacks. The platform is mainly used for remote access, maintenance, control and diagnosis of underlying networks
| VAR-202407-0134 | CVE-2024-39873 | Siemens' SINEMA Remote Connect Server Vulnerability in improperly limiting excessive authentication attempts in |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application does not properly implement brute force protection against user credentials in its web API. This could allow an attacker to learn user credentials that are vulnerable to brute force attacks. The platform is mainly used for remote access, maintenance, control and diagnosis of underlying networks
| VAR-202407-0144 | CVE-2024-39872 | Siemens' SINEMA Remote Connect Server Vulnerability in |
CVSS V2: 8.5 CVSS V3: 9.9 Severity: CRITICAL |
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application does not properly assign rights to temporary files created during its update process. This could allow an authenticated attacker with the 'Manage firmware updates' role to escalate their privileges on the underlying OS level. Siemens' SINEMA Remote Connect Server Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The platform is mainly used for remote access, maintenance, control and diagnosis of underlying networks. Attackers can exploit this vulnerability to escalate their permissions at the underlying operating system level
| VAR-202407-0142 | CVE-2024-39871 | Siemens' SINEMA Remote Connect Server Fraud related to unauthorized authentication in |
CVSS V2: 6.5 CVSS V3: 5.4 Severity: MEDIUM |
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected applications do not properly separate the rights to edit device settings and to edit settings for communication relations. This could allow an authenticated attacker with the permission to manage devices to gain access to participant groups that the attacked does not belong to. The platform is mainly used for remote access, maintenance, control and diagnosis of underlying networks
| VAR-202407-0146 | CVE-2024-39870 | Siemens' SINEMA Remote Connect Server Vulnerability in |
CVSS V2: 6.5 CVSS V3: 7.8 Severity: HIGH |
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected applications can be configured to allow users to manage own users. A local authenticated user with this privilege could use this modify users outside of their own scope as well as to escalate privileges. Siemens' SINEMA Remote Connect Server Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The platform is mainly used for remote access, maintenance, control and diagnosis of underlying networks
| VAR-202407-0145 | CVE-2024-39869 | Siemens' SINEMA Remote Connect Server Vulnerability in |
CVSS V2: 6.8 CVSS V3: 6.5 Severity: MEDIUM |
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected products allow to upload certificates. An authenticated attacker could upload a crafted certificates leading to a permanent denial-of-service situation. In order to recover from such an attack, the offending certificate needs to be removed manually. The platform is mainly used for remote access, maintenance, control and diagnosis of the underlying network.
Siemens SINEMA Remote Connect Server has an abnormal or improper abnormal situation check vulnerability, which can be exploited by attackers to upload carefully crafted certificates, resulting in permanent denial of service