VARIoT IoT vulnerabilities database
| VAR-202202-0246 | CVE-2022-24310 | Integer overflow vulnerability in Interactive Graphical SCADA System Data Server |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer overflow, leading to denial of service and potentially remote code execution when an attacker sends multiple specially crafted messages. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior). A denial-of-service (DoS) condition may result. Schneider Electric Interactive Graphical SCADA System (IGSS) is a SCADA system from Schneider Electric in France for monitoring industrial processes.
| VAR-202202-0245 | CVE-2022-24315 | Interactive Graphical SCADA System Data Server Out-of-bounds read vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
A CWE-125: Out-of-bounds Read vulnerability exists that could cause denial of service when an attacker repeatedly sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior). This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IGSSDataServer process, which listens on TCP port 12401 by default. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to create a denial-of-service condition on the IGSS application. Schneider Electric Interactive Graphical SCADA System (IGSS) is a SCADA (Supervisory Control and Data Acquisition) system from Schneider Electric in France, used to monitor and control industrial processes.
| VAR-202202-0243 | CVE-2022-24317 | Lack of authentication vulnerability in Interactive Graphical SCADA System Data Server |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
A CWE-862: Missing Authorization vulnerability exists that could cause information exposure when an attacker sends a specific message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior). This vulnerability allows remote attackers to disclose sensitive information on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IGSSDataServer process, which listens on TCP port 12401 by default. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose information from the IGSS application. Schneider Electric Interactive Graphical SCADA System (IGSS) is a SCADA (Supervisory Control and Data Acquisition) system from Schneider Electric in France, used to monitor and control industrial processes.
| VAR-202202-0279 | CVE-2022-23102 | Open redirect vulnerability in SINEMA Remote Connect Server |
CVSS V2: 5.8 CVSS V3: 6.1 Severity: MEDIUM |
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0). Affected products contain an open redirect vulnerability. An attacker could trick a valid authenticated user of the device into clicking a malicious link, thereby leading to phishing attacks. The platform is mainly used for remote access, maintenance, control and diagnosis of the underlying network.
| VAR-202202-1312 | CVE-2021-37109 | Vulnerability in EMUI |
CVSS V2: 4.6 CVSS V3: 7.8 Severity: HIGH |
There is a security protection bypass vulnerability with the modem. Successful exploitation of this vulnerability may cause memory protection failure. EMUI contains an unspecified vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Huawei EMUI is an Android-based mobile operating system developed by China's Huawei.
| VAR-202202-0398 | CVE-2022-24668 | Vulnerability in swift-nio-http2 |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
A program using swift-nio-http2 is vulnerable to a denial of service attack caused by a network peer sending ALTSVC or ORIGIN frames. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. This vulnerability is caused by a logical error after frame parsing but before frame handling. ORIGIN and ALTSVC frames are not currently supported by swift-nio-http2, and should be ignored. However, one code path that encounters them has a deliberate trap instead. This was left behind from the original development process and was never removed. Sending an ALTSVC or ORIGIN frame does not require any special permission, so any HTTP/2 connection peer may send such a frame. For clients, this means any server to which they connect may launch this attack. For servers, anyone they allow to connect to them may launch such an attack. The attack is low-effort: it takes very little resources to send one of these frames. The impact on availability is high: receiving the frame immediately crashes the server, dropping all in-flight connections and causing the service to need to restart. It is straightforward for an attacker to repeatedly send these frames, so attackers require very few resources to achieve a substantial denial of service. The attack does not have any confidentiality or integrity risks in and of itself. This is a controlled, intentional crash. However, sudden process crashes can lead to violations of invariants in services, so it is possible that this attack can be used to trigger an error condition that has confidentiality or integrity risks. The risk can be mitigated if untrusted peers can be prevented from communicating with the service. This mitigation is not available to many services. The issue is fixed by rewriting the parsing code to correctly handle the condition. The issue was found by automated fuzzing by oss-fuzz. swift-nio-http2 contains an unspecified vulnerability. Service operation may be interrupted (DoS).
| VAR-202202-0343 | CVE-2021-41441 | Improper shutdown and release of resources vulnerability in D-Link DIR-X1860 |
CVSS V2: 7.1 CVSS V3: 7.4 Severity: HIGH |
A DoS attack in the web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a remote unauthenticated attacker to reboot the router via sending a specially crafted URL to an authenticated victim. The authenticated victim needs to visit this URL for the router to reboot. D-Link DIR-X1860 contains a vulnerability related to improper shutdown and release of resources. Service operation may be interrupted (DoS). The D-Link DIR-X1860 is a dual-band router from China's D-Link company.
D-Link DIR-X1860 versions prior to v1.10WWB09_Beta have a security vulnerability. The vulnerability stems from the lack of URL verification and filtering in the web application.
| VAR-202202-0457 | CVE-2021-33166 | Improper default permissions vulnerability in Intel(R) RXT for Chromebook application |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
Incorrect default permissions for the Intel(R) RXT for Chromebook application, all versions, may allow an authenticated user to potentially enable information disclosure via local access. The Intel(R) RXT for Chromebook application has an improper default permissions vulnerability. Information may be obtained. Intel RXT for Chromebook is an Intel RXT application for Chromebook from Intel Corporation. Attackers can exploit this vulnerability to cause information disclosure.
| VAR-202202-0453 | CVE-2021-44454 | Input verification vulnerability in Intel(R) Quartus(R) Prime Pro Edition |
CVSS V2: 4.6 CVSS V3: 7.8 Severity: HIGH |
Improper input validation in a third-party component for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access. A denial-of-service (DoS) condition may result. Intel Quartus Prime Pro is a multi-platform design environment developed by Intel Corporation. This product is mainly used for programmable logic device programming. Intel Quartus Prime Pro Edition has a security vulnerability that stems from a potential security vulnerability in Intel Quartus Prime Pro and Standard Edition. An attacker could exploit this vulnerability to cause privilege escalation, denial of service, or information disclosure.
| VAR-202202-1311 | CVE-2021-39986 | Vulnerability in EMUI |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
There is an unauthorized rewriting vulnerability with the memory access management module on ACPU. Successful exploitation of this vulnerability may affect service confidentiality. EMUI contains an unspecified vulnerability. Information may be obtained. Huawei EMUI is an Android-based mobile operating system developed by China's Huawei.
| VAR-202202-0241 | CVE-2022-24320 | Vulnerability related to certificate validation in multiple Schneider Electric products |
CVSS V2: 4.3 CVSS V3: 5.9 Severity: MEDIUM |
A CWE-295: Improper Certificate Validation vulnerability exists that could allow a Man-in-the-Middle attack when communications between the client and Geo SCADA database server are intercepted. Affected Product: ClearSCADA (All Versions), EcoStruxure Geo SCADA Expert 2019 (All Versions), EcoStruxure Geo SCADA Expert 2020 (All Versions).
| VAR-202202-0420 | CVE-2021-39994 | Vulnerability in EMUI |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
There is an arbitrary address access vulnerability with the product line test code. Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability. EMUI contains an unspecified vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Huawei EMUI is an Android-based mobile operating system developed by China's Huawei. An attacker could exploit this vulnerability to execute arbitrary code on the system.
| VAR-202202-1330 | CVE-2021-33119 | Vulnerability in Intel(R) RealSense(TM) DCM |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
Improper access control in the Intel(R) RealSense(TM) DCM before version 20210625 may allow an authenticated user to potentially enable information disclosure via local access. Intel(R) RealSense(TM) DCM contains an unspecified vulnerability. Information may be obtained.
| VAR-202202-0238 | CVE-2022-24319 | EcoStruxure Geo SCADA Expert Trust Management Issue Vulnerability |
CVSS V2: 4.3 CVSS V3: 5.9 Severity: MEDIUM |
A CWE-295: Improper Certificate Validation vulnerability exists that could allow a Man-in-the-Middle attack when communications between the client and Geo SCADA web server are intercepted. Affected Product: ClearSCADA (All Versions), EcoStruxure Geo SCADA Expert 2019 (All Versions), EcoStruxure Geo SCADA Expert 2020 (All Versions).
| VAR-202202-1309 | CVE-2021-39997 | Input verification vulnerability in EMUI |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
There is a vulnerability of non-strict input parameter verification in the audio assembly. Successful exploitation of this vulnerability may cause out-of-bounds access. EMUI contains an input validation vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Huawei EMUI is an Android-based mobile operating system developed by China's Huawei.
| VAR-202202-0240 | CVE-2022-24318 | Vulnerability related to encryption strength in multiple Schneider Electric products |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
A CWE-326: Inadequate Encryption Strength vulnerability exists that could cause non-encrypted communication with the server when outdated versions of the ViewX client are used. Affected Product: ClearSCADA (All Versions), EcoStruxure Geo SCADA Expert 2019 (All Versions), EcoStruxure Geo SCADA Expert 2020 (All Versions)
| VAR-202202-0244 | CVE-2022-24314 | Interactive Graphical SCADA System Data Server Out-of-bounds read vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
A CWE-125: Out-of-bounds Read vulnerability exists that could cause memory leaks potentially resulting in denial of service when an attacker repeatedly sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior). The Schneider Electric Interactive Graphical SCADA System is a SCADA system from Schneider Electric in France for monitoring industrial processes.
| VAR-202202-0242 | CVE-2022-24311 | Path traversal vulnerability in Interactive Graphical SCADA System Data Server |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by inserting at beginning of file or create a new file in the context of the Data Server potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior). A denial-of-service (DoS) condition may result. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IGSSDataServer process, which listens on TCP port 12401 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user.
| VAR-202202-1924 | No CVE | Logic flaws in Tuya smart app and Tuya converter (smart socket) |
CVSS V2: 6.1 CVSS V3: - Severity: MEDIUM |
Tuya Smart is an IoT cloud platform that connects the intelligent needs of brands, OEM manufacturers, developers and chain retailers, and provides a one-stop AI IoT PaaS-level solution, covering hardware development, global cloud, and smart business platform development, providing comprehensive ecological empowerment.
The Tuya smart app and Tuya converter (smart socket) have a logic flaw vulnerability. The vulnerability stems from not using a secure encryption algorithm (AES/ECB) during the communication between Tuya smart app and Tuya converter (smart socket). Vulnerabilities can be exploited to obtain encrypted message instructions to reconstruct (modify) message packets and calculate corresponding checksums.
| VAR-202202-1319 | CVE-2021-36302 | Privilege management vulnerability in Dell EMC Integrated System for Microsoft Azure Stack Hub |
CVSS V2: 9.0 CVSS V3: 9.9 Severity: CRITICAL |
All Dell EMC Integrated System for Microsoft Azure Stack Hub versions contain a privilege escalation vulnerability. A remote malicious user with standard level JEA credentials may potentially exploit this vulnerability to elevate privileges and take over the system. A denial-of-service (DoS) condition may result.