VARIoT IoT vulnerabilities database

An issue was discovered in WiZ Colors A60 1.14.0. Wi-Fi credentials are stored in cleartext in flash memory, which presents an information-disclosure risk for a discarded or resold device. WiZ Colors A60 Contains a vulnerability in the plaintext storage of important information.Information may be obtained. ------------------------------------------ [Additional Information] Wi-Fi credentials are stored in plain-text on the light bulb. These credentials can be obtained by reading the flash memory directly using a logic analyzer. ------------------------------------------ [VulnerabilityType Other] Information disclosure ------------------------------------------ [Vendor of Product] WiZ Connected ------------------------------------------ [Affected Product Code Base] WiZ Colors A60 - 1.14.0 ------------------------------------------ [Affected Component] WiZ Colors A60 ------------------------------------------ [Attack Type] Physical ------------------------------------------ [Impact Information Disclosure] true ------------------------------------------ [Attack Vectors] Physical, access to the chip is required. ------------------------------------------ [Reference] N/A ------------------------------------------ [Has vendor confirmed or acknowledged the vulnerability?] true ------------------------------------------ [Discoverer] Jasper Nota, Willem Westerhof, Wouter Wessels, Jim Blankendaal from Qbit in assignment of the Consumentenbond. Use CVE-2020-11924

An issue was discovered in WiZ Colors A60 1.14.0. API credentials are locally logged. WiZ Colors A60 Contains a vulnerability in the plaintext storage of important information.Information may be obtained. Applications use general logs to reflect all kind of information to the terminal. The WIZ application does also use logs, however instead of only generic information also API credentials are submitted to the android log. The information that is reflected in the logging can be used to perform authorised requests in behalf of the user and therefore controlling the lights just as the user can do using the application. In order to obtain the information access to the device logs is required. This can most easily be done via local access and also by other apps on rooted devices. ------------------------------------------ [Vulnerability Type] Incorrect Access Control ------------------------------------------ [Vendor of Product] WiZ Connected ------------------------------------------ [Affected Product Code Base] WiZ Colors A60 - 1.14.0 ------------------------------------------ [Affected Component] Wiz Android Application 1.15.0 ------------------------------------------ [Attack Type] Physical ------------------------------------------ [Impact Information Disclosure] true ------------------------------------------ [Attack Vectors] Physical access or local root access on the mobile phone is required in order to exploit this issue. ------------------------------------------ [Reference] N/A ------------------------------------------ [Has vendor confirmed or acknowledged the vulnerability?] true ------------------------------------------ [Discoverer] Wouter Wessels, Willem Westerhof, Jasper Nota, Jim Blankendaal Use CVE-2020-11923

A deserialization vulnerability exists in how the ArchiveService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in FactoryTalk AssetCentre. * Deserialize untrusted data (CWE-502) - CVE-2021-27470 , CVE-2021-27466 , CVE-2021-27462 , CVE-2021-27460 ‥ * Use of potentially dangerous functions (CWE-676) - CVE-2021-27474 ‥ * OS Command injection (CWE-78) - CVE-2021-27476 ‥ * SQL injection (CWE-89) - CVE-2021-27472 , CVE-2021-27468 , CVE-2021-27464The expected impact depends on each vulnerability, but it may be affected as follows. * Arbitrary command executed by an unauthenticated remote third party - CVE-2021-27476 , CVE-2021-27470 , CVE-2021-27466 , CVE-2021-27462 ‥ * By an unauthenticated remote third party FactoryTalk AssetCentre Confidential data is changed - CVE-2021-27474 ‥ * Any by an unauthenticated remote third party SQL The statement is executed - CVE-2021-27472 , CVE-2021-27468 , CVE-2021-27464 ‥ * By an unauthenticated remote third party FactoryTalk AssetCentre Accessed to main server and all agent machines - CVE-2021-27460. Rockwell Automation FactoryTalk AssetCentre is an asset management software tool launched by Rockwell Automation, USA, which can be used by manufacturers and industrial enterprises for centralized management of controllers and other automation-related assets. Provides centralized tools for securing, managing, versioning, tracking, and reporting automation-related asset information across the plant Rockwell Automation FactoryTalk AssetCentre AssetCentre verifies a security vulnerability in the ArchiveService.rem service that allows remote, unauthorized An authenticated attacker executes arbitrary commands in FactoryTalk Asset Center

Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier components contain .NET remoting endpoints that deserialize untrusted data without sufficiently verifying that the resulting data will be valid. This vulnerability may allow a remote, unauthenticated attacker to gain full access to the FactoryTalk AssetCentre main server and all agent machines. Rockwell Automation Provided by the company FactoryTalk AssetCentre The following multiple vulnerabilities exist in. * Deserialize untrusted data (CWE-502) - CVE-2021-27470 , CVE-2021-27466 , CVE-2021-27462 , CVE-2021-27460 ‥ * Use of potentially dangerous functions (CWE-676) - CVE-2021-27474 ‥ * OS Command injection (CWE-78) - CVE-2021-27476 ‥ * SQL injection (CWE-89) - CVE-2021-27472 , CVE-2021-27468 , CVE-2021-27464The expected impact depends on each vulnerability, but it may be affected as follows. * Arbitrary command executed by an unauthenticated remote third party - CVE-2021-27476 , CVE-2021-27470 , CVE-2021-27466 , CVE-2021-27462 ‥ * By an unauthenticated remote third party FactoryTalk AssetCentre Confidential data is changed - CVE-2021-27474 ‥ * Any by an unauthenticated remote third party SQL The statement is executed - CVE-2021-27472 , CVE-2021-27468 , CVE-2021-27464 ‥ * By an unauthenticated remote third party FactoryTalk AssetCentre Accessed to main server and all agent machines - CVE-2021-27460. Rockwell Automation FactoryTalk AssetCentre is an asset management software tool launched by Rockwell Automation, USA, which can be used by manufacturers and industrial enterprises for centralized management of controllers and other automation-related assets

A deserialization vulnerability exists in how the LogService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in FactoryTalk AssetCentre. * Deserialize untrusted data (CWE-502) - CVE-2021-27470 , CVE-2021-27466 , CVE-2021-27462 , CVE-2021-27460 ‥ * Use of potentially dangerous functions (CWE-676) - CVE-2021-27474 ‥ * OS Command injection (CWE-78) - CVE-2021-27476 ‥ * SQL injection (CWE-89) - CVE-2021-27472 , CVE-2021-27468 , CVE-2021-27464The expected impact depends on each vulnerability, but it may be affected as follows. * Arbitrary command executed by an unauthenticated remote third party - CVE-2021-27476 , CVE-2021-27470 , CVE-2021-27466 , CVE-2021-27462 ‥ * By an unauthenticated remote third party FactoryTalk AssetCentre Confidential data is changed - CVE-2021-27474 ‥ * Any by an unauthenticated remote third party SQL The statement is executed - CVE-2021-27472 , CVE-2021-27468 , CVE-2021-27464 ‥ * By an unauthenticated remote third party FactoryTalk AssetCentre Accessed to main server and all agent machines - CVE-2021-27460. Rockwell Automation FactoryTalk AssetCentre is an asset management software tool launched by Rockwell Automation, USA, which can be used by manufacturers and industrial enterprises for centralized management of controllers and other automation-related assets. Provides centralized tools for securing, managing, versioning, tracking and reporting automation-related asset information across the plant FactoryTalk AssetCentre verifies serialized data A security vulnerability exists that allows remote, unauthenticated attackers to The center executes arbitrary commands

A vulnerability exists in the SaveConfigFile function of the RACompare Service, which may allow for OS command injection. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier. Rockwell Automation Provided by the company FactoryTalk AssetCentre The following multiple vulnerabilities exist in. * Deserialize untrusted data (CWE-502) - CVE-2021-27470 , CVE-2021-27466 , CVE-2021-27462 , CVE-2021-27460 ‥ * Use of potentially dangerous functions (CWE-676) - CVE-2021-27474 ‥ * OS Command injection (CWE-78) - CVE-2021-27476 ‥ * SQL injection (CWE-89) - CVE-2021-27472 , CVE-2021-27468 , CVE-2021-27464The expected impact depends on each vulnerability, but it may be affected as follows. * Arbitrary command executed by an unauthenticated remote third party - CVE-2021-27476 , CVE-2021-27470 , CVE-2021-27466 , CVE-2021-27462 ‥ * By an unauthenticated remote third party FactoryTalk AssetCentre Confidential data is changed - CVE-2021-27474 ‥ * Any by an unauthenticated remote third party SQL The statement is executed - CVE-2021-27472 , CVE-2021-27468 , CVE-2021-27464 ‥ * By an unauthenticated remote third party FactoryTalk AssetCentre Accessed to main server and all agent machines - CVE-2021-27460. Rockwell Automation FactoryTalk AssetCentre is an asset management software tool launched by Rockwell Automation, USA, which can be used by manufacturers and industrial enterprises for centralized management of controllers and other automation-related assets

Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier does not properly restrict all functions relating to IIS remoting services. This vulnerability may allow a remote, unauthenticated attacker to modify sensitive data in FactoryTalk AssetCentre. Rockwell Automation Provided by the company FactoryTalk AssetCentre The following multiple vulnerabilities exist in. * Deserialize untrusted data (CWE-502) - CVE-2021-27470 , CVE-2021-27466 , CVE-2021-27462 , CVE-2021-27460 ‥ * Use of potentially dangerous functions (CWE-676) - CVE-2021-27474 ‥ * OS Command injection (CWE-78) - CVE-2021-27476 ‥ * SQL injection (CWE-89) - CVE-2021-27472 , CVE-2021-27468 , CVE-2021-27464The expected impact depends on each vulnerability, but it may be affected as follows. * Arbitrary command executed by an unauthenticated remote third party - CVE-2021-27476 , CVE-2021-27470 , CVE-2021-27466 , CVE-2021-27462 ‥ * By an unauthenticated remote third party FactoryTalk AssetCentre Confidential data is changed - CVE-2021-27474 ‥ * Any by an unauthenticated remote third party SQL The statement is executed - CVE-2021-27472 , CVE-2021-27468 , CVE-2021-27464 ‥ * By an unauthenticated remote third party FactoryTalk AssetCentre Accessed to main server and all agent machines - CVE-2021-27460. Rockwell Automation FactoryTalk AssetCentre is an asset management software tool launched by Rockwell Automation, USA, which can be used by manufacturers and industrial enterprises for centralized management of controllers and other automation-related assets. Provides centralized tools to secure, manage, version control, track and report automation-related asset information across the factory FactoryTalk AssetCentre has a security vulnerability that stems from not properly restricting all functions related to IIS Remote Services Attackers This vulnerability could be exploited to modify sensitive data in FactoryTalk Asset Center

A deserialization vulnerability exists in how the AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in FactoryTalk AssetCentre. * Deserialize untrusted data (CWE-502) - CVE-2021-27470 , CVE-2021-27466 , CVE-2021-27462 , CVE-2021-27460 ‥ * Use of potentially dangerous functions (CWE-676) - CVE-2021-27474 ‥ * OS Command injection (CWE-78) - CVE-2021-27476 ‥ * SQL injection (CWE-89) - CVE-2021-27472 , CVE-2021-27468 , CVE-2021-27464The expected impact depends on each vulnerability, but it may be affected as follows. * Arbitrary command executed by an unauthenticated remote third party - CVE-2021-27476 , CVE-2021-27470 , CVE-2021-27466 , CVE-2021-27462 ‥ * By an unauthenticated remote third party FactoryTalk AssetCentre Confidential data is changed - CVE-2021-27474 ‥ * Any by an unauthenticated remote third party SQL The statement is executed - CVE-2021-27472 , CVE-2021-27468 , CVE-2021-27464 ‥ * By an unauthenticated remote third party FactoryTalk AssetCentre Accessed to main server and all agent machines - CVE-2021-27460. Rockwell Automation FactoryTalk AssetCentre is an asset management software tool launched by Rockwell Automation, USA, which can be used by manufacturers and industrial enterprises for centralized management of controllers and other automation-related assets

The AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier exposes functions lacking proper authentication. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary SQL statements. Rockwell Automation Provided by the company FactoryTalk AssetCentre The following multiple vulnerabilities exist in. * Deserialize untrusted data (CWE-502) - CVE-2021-27470 , CVE-2021-27466 , CVE-2021-27462 , CVE-2021-27460 ‥ * Use of potentially dangerous functions (CWE-676) - CVE-2021-27474 ‥ * OS Command injection (CWE-78) - CVE-2021-27476 ‥ * SQL injection (CWE-89) - CVE-2021-27472 , CVE-2021-27468 , CVE-2021-27464The expected impact depends on each vulnerability, but it may be affected as follows. * Arbitrary command executed by an unauthenticated remote third party - CVE-2021-27476 , CVE-2021-27470 , CVE-2021-27466 , CVE-2021-27462 ‥ * By an unauthenticated remote third party FactoryTalk AssetCentre Confidential data is changed - CVE-2021-27474 ‥ * Any by an unauthenticated remote third party SQL The statement is executed - CVE-2021-27472 , CVE-2021-27468 , CVE-2021-27464 ‥ * By an unauthenticated remote third party FactoryTalk AssetCentre Accessed to main server and all agent machines - CVE-2021-27460. Rockwell Automation FactoryTalk AssetCentre is an asset management software tool launched by Rockwell Automation, USA, which can be used by manufacturers and industrial enterprises for centralized management of controllers and other automation-related assets. Rockwell Automation FactoryTalk AssetCentre has a SQL injection vulnerability. Provides a centralized tool for securing, managing, versioning, tracking and reporting automation-related asset information across a factory

A vulnerability exists in the RunSearch function of SearchService service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier, which may allow for the execution of remote unauthenticated arbitrary SQL statements. Rockwell Automation Provided by the company FactoryTalk AssetCentre The following multiple vulnerabilities exist in. * Deserialize untrusted data (CWE-502) - CVE-2021-27470 , CVE-2021-27466 , CVE-2021-27462 , CVE-2021-27460 ‥ * Use of potentially dangerous functions (CWE-676) - CVE-2021-27474 ‥ * OS Command injection (CWE-78) - CVE-2021-27476 ‥ * SQL injection (CWE-89) - CVE-2021-27472 , CVE-2021-27468 , CVE-2021-27464The expected impact depends on each vulnerability, but it may be affected as follows. * Arbitrary command executed by an unauthenticated remote third party - CVE-2021-27476 , CVE-2021-27470 , CVE-2021-27466 , CVE-2021-27462 ‥ * By an unauthenticated remote third party FactoryTalk AssetCentre Confidential data is changed - CVE-2021-27474 ‥ * Any by an unauthenticated remote third party SQL The statement is executed - CVE-2021-27472 , CVE-2021-27468 , CVE-2021-27464 ‥ * By an unauthenticated remote third party FactoryTalk AssetCentre Accessed to main server and all agent machines - CVE-2021-27460. Rockwell Automation FactoryTalk AssetCentre is an asset management software tool launched by Rockwell Automation, USA, which can be used by manufacturers and industrial enterprises for centralized management of controllers and other automation-related assets. Rockwell Automation FactoryTalk AssetCentre has a SQL injection vulnerability

The ArchiveService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier exposes functions lacking proper authentication. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary SQL statements. Rockwell Automation Provided by the company FactoryTalk AssetCentre The following multiple vulnerabilities exist in. * Deserialize untrusted data (CWE-502) - CVE-2021-27470 , CVE-2021-27466 , CVE-2021-27462 , CVE-2021-27460 ‥ * Use of potentially dangerous functions (CWE-676) - CVE-2021-27474 ‥ * OS Command injection (CWE-78) - CVE-2021-27476 ‥ * SQL injection (CWE-89) - CVE-2021-27472 , CVE-2021-27468 , CVE-2021-27464The expected impact depends on each vulnerability, but it may be affected as follows. * Arbitrary command executed by an unauthenticated remote third party - CVE-2021-27476 , CVE-2021-27470 , CVE-2021-27466 , CVE-2021-27462 ‥ * By an unauthenticated remote third party FactoryTalk AssetCentre Confidential data is changed - CVE-2021-27474 ‥ * Any by an unauthenticated remote third party SQL The statement is executed - CVE-2021-27472 , CVE-2021-27468 , CVE-2021-27464 ‥ * By an unauthenticated remote third party FactoryTalk AssetCentre Accessed to main server and all agent machines - CVE-2021-27460. Rockwell Automation FactoryTalk AssetCentre is an asset management software tool launched by Rockwell Automation, USA, which can be used by manufacturers and industrial enterprises for centralized management of controllers and other automation-related assets. Rockwell Automation FactoryTalk AssetCentre has a SQL injection vulnerability

A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to cause memory leakage and doS attacks by carefully constructing attack scenarios. Huawei Smartphones contain a vulnerability regarding the lack of resource release after a valid lifetime.Denial of service (DoS) It may be put into a state. Huawei Emui is an Android-based mobile operating system developed by China's Huawei (Huawei)

A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers may exploit this vulnerability by carefully constructing attack scenarios to cause out-of-bounds read. Huawei A classic buffer overflow vulnerability exists in smartphones.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Huawei Emui is an Android-based mobile operating system developed by China's Huawei (Huawei)

An application bypass mechanism vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to delete user SMS messages. Huawei There are unspecified vulnerabilities in smartphones.Information may be tampered with

An application error verification vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to modify and delete user SMS messages. Huawei There are unspecified vulnerabilities in smartphones.Information may be tampered with

Improper neutralization of special elements used in an OS command in SYNO.Core.Network.PPPoE in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote authenticated users to execute arbitrary code via realname parameter. Synology DiskStation Manager (DSM) Has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Synology DiskStation Manager (DSM) is an operating system for network storage servers (NAS) developed by Synology, Taiwan. The operating system can manage data, documents, photos, music and other information

A potential security vulnerability has been identified in HPE Superdome Flex server. A denial of service attack can be remotely exploited leaving hung connections to the BMC web interface. The monarch BMC must be rebooted to recover from this situation. Other BMC management is not impacted. HPE has made the following software update to resolve the vulnerability in HPE Superdome Flex Server: Superdome Flex Server Firmware 3.30.142 or later

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-882 routers. Authentication is not required to exploit this vulnerability.The specific flaw exists within the HNAP service, which listens on TCP port 80 by default. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device.

The UX360CA BIOS through 303 on ASUS laptops allow an attacker (with the ring 0 privilege) to overwrite nearly arbitrary physical memory locations, including SMRAM, and execute arbitrary code in the SMM (issue 3 of 3). ASUS UX360CA BIOS Contains an unspecified vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Asus UX360CA BIOS through 303 is a notebook computer from Asus, Japan. UX360CA BIOS through 303 on ASUS has a security vulnerability

There is an arbitrary memory write vulnerability in Huawei smart phone when processing file parsing. Due to insufficient validation of the input files, successful exploit could cause certain service abnormal. Affected product versions include:HUAWEI P30 versions 10.0.0.186(C10E7R5P1), 10.0.0.186(C461E4R3P1), 10.0.0.188(C00E85R2P11), 10.0.0.188(C01E88R2P11),10.0.0.188(C605E19R1P3), 10.0.0.190(C185E4R7P1), 10.0.0.190(C431E22R2P5), 10.0.0.190(C432E22R2P5),10.0.0.190(C605E19R1P3), 10.0.0.190(C636E4R3P4), 10.0.0.192(C635E3R2P4). Huawei P30 is a smart phone of China's Huawei (Huawei) company. The vulnerability stems from the program's failure to properly validate the input file. Attackers use this vulnerability to cause abnormal program services