VARIoT IoT vulnerabilities database

Rockwell Automation Connected Components Workbench v12.00.00 and prior does not limit the objects that can be deserialized. This vulnerability allows attackers to craft a malicious serialized object that, if opened by a local user in Connected Components Workbench, may result in remote code execution. This vulnerability requires user interaction to be successfully exploited. * Deserialization of untrusted data (CWE-502) - CVE-2021-27475 ‥ * Path traversal (CWE-22) - CVE-2021-27471 ‥ * Incorrect input confirmation (CWE-20) - CVE-2021-27473The expected impact depends on each vulnerability, but it may be affected as follows. - CVE-2021-27475 ‥ * When a local user opens a malicious file created by a third party with the corresponding product, the existing file is overwritten or a new file is created with the authority of the corresponding product. - CVE-2021-27471 ‥ * Illegal created by a malicious user .ccwarc By opening the archive file with the corresponding product, the authority of the product is acquired. - CVE-2021-27473. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. An automatic programming software

The parsing mechanism that processes certain file types does not provide input sanitization for file paths. This may allow an attacker to craft malicious files that, when opened by Rockwell Automation Connected Components Workbench v12.00.00 and prior, can traverse the file system. If successfully exploited, an attacker could overwrite existing files and create additional files with the same permissions of the Connected Components Workbench software. User interaction is required for this exploit to be successful. * Deserialization of untrusted data (CWE-502) - CVE-2021-27475 ‥ * Path traversal (CWE-22) - CVE-2021-27471 ‥ * Incorrect input confirmation (CWE-20) - CVE-2021-27473The expected impact depends on each vulnerability, but it may be affected as follows. * When a local user opens a malicious serialized object created by a third party in the product, the code is executed remotely. - CVE-2021-27475 ‥ * When a local user opens a malicious file created by a third party with the corresponding product, the existing file is overwritten or a new file is created with the authority of the corresponding product. - CVE-2021-27471 ‥ * Illegal created by a malicious user .ccwarc By opening the archive file with the corresponding product, the authority of the product is acquired. - CVE-2021-27473. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. An automatic programming software

Rockwell Automation Connected Components Workbench v12.00.00 and prior does not sanitize paths specified within the .ccwarc archive file during extraction. This type of vulnerability is also commonly referred to as a Zip Slip. A local, authenticated attacker can create a malicious .ccwarc archive file that, when opened by Connected Components Workbench, will allow the attacker to gain the privileges of the software. If the software is running at SYSTEM level, the attacker will gain admin level privileges. User interaction is required for this exploit to be successful. * Deserialization of untrusted data (CWE-502) - CVE-2021-27475 ‥ * Path traversal (CWE-22) - CVE-2021-27471 ‥ * Incorrect input confirmation (CWE-20) - CVE-2021-27473The expected impact depends on each vulnerability, but it may be affected as follows. * When a local user opens a malicious serialized object created by a third party in the product, the code is executed remotely. - CVE-2021-27475 ‥ * When a local user opens a malicious file created by a third party with the corresponding product, the existing file is overwritten or a new file is created with the authority of the corresponding product. - CVE-2021-27471 ‥ * Illegal created by a malicious user .ccwarc By opening the archive file with the corresponding product, the authority of the product is acquired. - CVE-2021-27473. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. An automatic programming software

The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 do not properly restrict access to sensitive information from an unauthorized actor. Buffalo WSR-2533DHPL2 firmware and WSR-2533DHP3 There is an information leakage vulnerability in the firmware.Information may be obtained. Buffalo WSR-2533DHPL2 and WSR-2533DHP3 are routers of Japan Buffalo Company. Attackers can use this vulnerability to access unauthorized content. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 do not properly sanitize user input. An authenticated remote attacker could leverage this vulnerability to alter device configuration, potentially gaining remote code execution. Buffalo WSR-2533DHPL2 firmware and WSR-2533DHP3 There is an unspecified vulnerability in the firmware.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Buffalo WSR-2533DHPL2 and WSR-2533DHP3 are routers of Japan Buffalo Company. Buffalo WSR-2533DHPL2 and WSR-2533DHP3 have a code injection vulnerability. Attackers can use this vulnerability to execute code remotely. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in disclosure of information or execution of arbitrary code due to lack of input validation, when a malicious CGF (Configuration Group File) file is imported to IGSS Definition. Schneider Electric The following vulnerabilities exist in multiple products provided by the company. IGSS ‥ * Out-of-bounds writing (CWE-787) - CVE-2021-22750 , CVE-2021-22751 , CVE-2021-22752 , CVE-2021-22754 , CVE-2021-22755 ‥ * Out-of-bounds reading (CWE-125) - CVE-2021-22753 , CVE-2021-22756 , CVE-2021-22757 ‥ * Accessing uninitialized pointers (CWE-824) - CVE-2021-22758 ‥ * Use of freed memory (Use-after-free) (CWE-416) - CVE-2021-22759 ‥ * Freeing invalid pointers and references (CWE-763) - CVE-2021-22760 ‥ * Buffer error (CWE-119) - CVE-2021-22761 ‥ * Directory traversal (CWE-22) - CVE-2021-22762Modicon X80 ‥ * Information leakage vulnerability (CWE-200) - CVE-2021-22749The expected impact depends on the vulnerability, but it can be impacted as follows: IGSS ‥ * Fraudulent, crafted by a third party CGF (Configuration Group File) Data is lost or code is executed when importing a file - CVE-2021-22750 , CVE-2021-22754 , CVE-2021-22758 , CVE-2021-22759 , CVE-2021-22760 ‥ * Fraudulent, crafted by a third party CGF (Configuration Group File) Information is stolen or arbitrary code is executed when a file is imported - CVE-2021-22751 ‥ * Fraudulent, crafted by a third party CGF (Configuration Group File) Information is stolen or code is executed when a file is imported - CVE-2021-22755 , CVE-2021-22756 , CVE-2021-22757 , CVE-2021-22761 ‥ * Fraudulent, crafted by a third party WSP (Workspace) Data is lost or code is executed when parsing a file - CVE-2021-22752 , CVE-2021-22753 ‥ * Fraudulent, crafted by a third party CGF (Configuration Group File) , Or WSP (Workspace) Code is executed when the file is imported - CVE-2021-22762Modicon X80 ‥ * Crafted by a remote third party, HTTP Includes communication parameters used for telemetry when a request is received RTU Information is stolen regarding settings - CVE-2021-22749. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. There is a buffer error vulnerability in Schneider Electric IGSS, a multi-person cooperative application. cause remote code execution

A heap-based buffer overflow vulnerability exists in the configuration server functionality of the Cosori Smart 5.8-Quart Air Fryer CS158-AF 1.1.0. A specially crafted JSON object can lead to remote code execution. An attacker can send a malicious packet to trigger this vulnerability. amazon COSORI Smart is a hardware device of amazon company. Smart WiFi air fryer. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (V4.5.0). Affected devices fail to authenticate against configured passwords when provisioned using TIA Portal V13. This could allow an attacker using TIA Portal V13 or later versions to bypass authentication and download arbitrary programs to the PLC. The vulnerability does not occur when TIA Portal V13 SP1 or any later version was used to provision the device. Siemens SIMATIC S7-1200 is a S7-1200 series PLC (Programmable Logic Controller) of Siemens (Siemens) in Germany. The Siemens SIMATIC S7-1200 has a security problem vulnerability, which is caused by the device's inability to perform authentication based on the configured password. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected products utilize a weak encryption algorithm for storage of sensitive data, which may allow an attacker to more easily obtain credentials used for access. Rosemount X-STREAM The following multiple vulnerabilities exist in. * Inadequate encryption strength (CWE-326) - CVE-2021-27457 ‥ * Unlimited upload of dangerous types of files (CWE-434) - CVE-2021-27459 ‥ * Past traversal (CWE-22) - CVE-2021-27461 ‥ * Contains sensitive information Cookie Permanent use of (CWE-539) - CVE-2021-27463 ‥ * Cross-site scripting (CWE-79) - CVE-2021-27465 ‥ * Inappropriate restrictions on rendered user interface layers or frames (CWE-1021) - CVE-2021-27467The expected impact depends on each vulnerability, but it may be affected as follows. * Credentials obtained by a remote third party - CVE-2021-27457 ‥ * Arbitrary code executed by a remote third party - CVE-2021-27459 ‥ * By a remote third party Web Access to sensitive data stored on the server - CVE-2021-27461 ‥ * By a remote third party Cookie Get sensitive information stored in - CVE-2021-27463 ‥ * By a remote third party Web Page tampered with displaying incorrect or unintended data - CVE-2021-27465 ‥ * A remote third party transfers the clicks and keystrokes made by the user to another page to obtain sensitive information. - CVE-2021-27467. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT (All versions < 5.5.1), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All versions < 5.5.1), SCALANCE X202-2P IRT PRO (All versions < 5.5.1), SCALANCE X204 IRT (All versions < 5.5.1), SCALANCE X204 IRT PRO (All versions < 5.5.1), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < 5.5.1), SCALANCE XF202-2P IRT (All versions < 5.5.1), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All versions < 5.5.1), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < 5.5.1), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5). Incorrect processing of POST requests in the webserver may result in write out of bounds in heap. An attacker might leverage this to cause denial-of-service on the device and potentially remotely execute code. Siemens SCALANCE X switches are used to connect industrial components, such as programmable logic controllers (PLC) or human machine interfaces (HMI). The Siemens SCALANCE X-200 Web server has a heap buffer overflow vulnerability. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

The Integration Builder Framework of SAP Process Integration versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not check the file type extension of the file uploaded from local source. An attacker could craft a malicious file and upload it to the application, which could lead to denial of service and impact the availability of the application. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to the disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability. D-LINK DIR-3040 There is a vulnerability in the insecure storage of important information.Information may be obtained. D-LINK DIR-3040 is a router of D-Link company in Taiwan, China, which provides the function of connecting to the network. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

The ABUS Secvest wireless alarm system FUAA50000 (v3.01.17) fails to properly authenticate some requests to its built-in HTTPS interface. Someone can use this vulnerability to obtain sensitive information from the system, such as usernames and passwords. This information can then be used to reconfigure or disable the alarm system. ABUS Secvest FUAA50000 is a wireless remote control made by ABUS in Germany. ABUS Secvest FUAA50000 version 3.01.17 has an information disclosure vulnerability. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.14.1), RUGGEDCOM ROX RX1400 (All versions < V2.14.1), RUGGEDCOM ROX RX1500 (All versions < V2.14.1), RUGGEDCOM ROX RX1501 (All versions < V2.14.1), RUGGEDCOM ROX RX1510 (All versions < V2.14.1), RUGGEDCOM ROX RX1511 (All versions < V2.14.1), RUGGEDCOM ROX RX1512 (All versions < V2.14.1), RUGGEDCOM ROX RX1524 (All versions < V2.14.1), RUGGEDCOM ROX RX1536 (All versions < V2.14.1), RUGGEDCOM ROX RX5000 (All versions < V2.14.1). The affected devices do not properly handle permissions to traverse the file system. If exploited, an attacker could gain access to an overview of the complete file system on the affected devices. Multiple Siemens products contain an exceptional state handling vulnerability.Information may be obtained. RUGGEDCOM products provide a certain degree of reliability and set the standard for communication networks deployed in harsh environments. RUGGEDCOM RX1400 is a multi-protocol smart node that combines Ethernet switching, routing and application hosting functions with various wide-area connectivity options. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). The affected software has an information disclosure vulnerability that could allow an attacker to retrieve VPN connection for a known user. The platform is mainly used for remote access, maintenance, control and diagnosis of the underlying network. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). The status provided by the syslog clients managed by the affected software can be manipulated by an unauthenticated attacker in the same network of the affected system. Siemens SINEMA Remote Connect Server is a set of remote network management platform of Siemens (Siemens) in Germany. The platform is mainly used for remote access, maintenance, control and diagnosis of the underlying network. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

A vulnerability has been identified in Cerberus DMS V4.0 (All versions), Cerberus DMS V4.1 (All versions), Cerberus DMS V4.2 (All versions), Cerberus DMS V5.0 (All versions < v5.0 QU1), Desigo CC Compact V4.0 (All versions), Desigo CC Compact V4.1 (All versions), Desigo CC Compact V4.2 (All versions), Desigo CC Compact V5.0 (All versions < V5.0 QU1), Desigo CC V4.0 (All versions), Desigo CC V4.1 (All versions), Desigo CC V4.2 (All versions), Desigo CC V5.0 (All versions < V5.0 QU1). The application deserialises untrusted data without sufficient validations, that could result in an arbitrary deserialization. This could allow an unauthenticated attacker to execute code in the affected system. The CCOM communication component used for Windows App / Click-Once and IE Web / XBAP client connectivity are affected by the vulnerability. (DoS) It may be in a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

There is an improper authorization vulnerability in AIS-BW50-00 9.0.6.2(H100SP10C00) and 9.0.6.2(H100SP15C00). Due to improper authorization mangement, an attakcer can exploit this vulnerability by physical accessing the device and implant malicious code. Successfully exploit could leads to arbitrary code execution in the target device. AIS-BW50-00 Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Huawei AIS-BW50-00 is a portable bluetooth speaker of China's Huawei (Huawei) company. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

A vulnerability has been identified in SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 ERPC (All versions), SIMATIC CP 343-1 Lean (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3). Sending a specially crafted packet to port 102/tcp of an affected device could cause a denial of service condition. A restart is needed to restore normal operations. Multiple Siemens products contain a buffer error vulnerability.Service operation interruption (DoS) It may be in a state. The communication processor (CP) modules of the SIMATIC CP 343-1 and CP 443-1 series are designed to support SIMATIC S7-300/S7-400 CPUs for Ethernet communication. SIPLUS extreme products are designed for reliable operation under extreme conditions, based on SIMATIC, LOGO! , SITOP, SINAMICS, SIMOTION, SCALANCE or other equipment. The Siemens SIMATIC NET CP module has a denial of service vulnerability. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

A vulnerability has been identified in SIPROTEC 5 relays with CPU variants CP050 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP100 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP300 (All versions < V8.80). Received webpackets are not properly processed. An unauthenticated remote attacker with access to any of the Ethernet interfaces could send specially crafted packets to force a restart of the target device. Siemens SIPROTEC 5 is a multifunctional relay manufactured by Siemens, Germany. Siemens SIPROTEC 5 has an input validation error vulnerability, which stems from the failure of the received webpackets to be processed correctly. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements