VARIoT IoT vulnerabilities database

Insufficient control flow management in the API for the Intel(R) Collaboration Suite for WebRTC before version 4.3.1 may allow an authenticated user to potentially enable escalation of privilege via network access. WebRTC for Intel(R) Collaboration Suite Contains an unspecified vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. There is a permission and access control vulnerability in Intel Collaboration Suite for WebRTC. The vulnerability stems from the lack of effective permission and access control measures in network systems or products

There is a memory leak vulnerability in some Huawei products. An authenticated remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause some service abnormal. Affected product include some versions of IPS Module, NGFW Module, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500

A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing of HPG files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to access data in the context of the current process. (ZDI-CAN-12207). JT2Go and Teamcenter Visualization Is vulnerable to an out-of-bounds read. Zero Day Initiative To this vulnerability ZDI-CAN-12207 Was numbered.Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of HPG files

A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing of TGA files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12178). JT2Go and Teamcenter Visualization Is vulnerable to an out-of-bounds write. Zero Day Initiative To this vulnerability ZDI-CAN-12178 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of TGA files

A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing of CGM files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to access data in the context of the current process. (ZDI-CAN-12163). JT2Go and Teamcenter Visualization Is vulnerable to an out-of-bounds read. Zero Day Initiative To this vulnerability ZDI-CAN-12163 Was numbered.Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of CGM files

A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing of PCT files. This could result in a memory corruption condition. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12182). JT2Go and Teamcenter Visualization Is vulnerable to an out-of-bounds write. Zero Day Initiative To this vulnerability ZDI-CAN-12182 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of PCT files. The Tenda AC18 is a router from the Chinese company Tenda

A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing TIFF files. This could lead to pointer dereferences of a value obtained from untrusted source. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12158). JT2Go and Teamcenter Visualization Is vulnerable to a buffer error. Zero Day Initiative To this vulnerability ZDI-CAN-12158 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of TIFF files

A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing of PLT files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to access data in the context of the current process. (ZDI-CAN-12209). JT2Go and Teamcenter Visualization Is vulnerable to an out-of-bounds read. Zero Day Initiative To this vulnerability ZDI-CAN-12209 Was numbered.Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of PLT files

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 194882. Vendor exploits this vulnerability IBM X-Force ID: 194882 Is published as.Information is obtained and denial of service (DoS) It may be put into a state. Authentication is not required to exploit this vulnerability.The specific flaw exists within the EDataGraphImpl class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. This product is a platform for JavaEE and Web service applications, as well as the foundation of the IBM WebSphere software platform. There is a code problem vulnerability in IBM WebSphere Application Server, which stems from improper design or implementation problems in the code development process of network systems or products. No detailed vulnerability details are currently provided

A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing of RAS files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to access data in the context of the current process. (ZDI-CAN-12283). JT2Go and Teamcenter Visualization Is vulnerable to an out-of-bounds read. Zero Day Initiative To this vulnerability ZDI-CAN-12283 Was numbered.Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of RAS files

A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing BMP files. This can result in a memory corruption condition. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12018). JT2Go and Teamcenter Visualization Is vulnerable to a buffer error. Zero Day Initiative To this vulnerability ZDI-CAN-12018 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of BMP files

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP1 Update 1), SINEMA Server (All versions < V14.0 SP2 Update 2). When uploading files to an affected system using a zip container, the system does not correctly check if the relative file path of the extracted files is still within the intended target directory. With this an attacker could create or overwrite arbitrary files on an affected system. This type of vulnerability is also known as 'Zip-Slip'. (ZDI-CAN-12054). SINEC NMS and SINEMA Server Contains a path traversal vulnerability. Zero Day Initiative To this vulnerability ZDI-CAN-12054 Was numbered.Information is tampered with and denial of service (DoS) It may be put into a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens SINEC NMS. Authentication is required to exploit this vulnerability.The specific flaw exists within the FirmwareFileUtils class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Siemens SINE CNMS is a new generation of network management system enterprise account for digital libraries. This system can be used to centrally monitor, manage and configure the network. Siemens SINEMA Server is a network monitoring and management software designed by Siemens for industrial Ethernet. There is a security vulnerability in SINEC NMS, and there is no relevant information about this vulnerability at present, please pay attention to CNNVD or manufacturer announcements at any time

Advantech iView versions prior to v5.7.03.6112 are vulnerable to a SQL injection, which may allow an unauthorized attacker to disclose information. Advantech iView Has SQL An injection vulnerability exists.Information may be obtained. Authentication is not required to exploit this vulnerability.The specific flaw exists within the UserServlet class. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Advantech iView is an equipment management application for the energy, water and wastewater industries. There is a security vulnerability in Advantech iView, and there is no relevant information about this vulnerability at present, please pay attention to CNNVD or manufacturer announcements at any time

Advantech iView versions prior to v5.7.03.6112 are vulnerable to a SQL injection, which may allow an attacker to escalate privileges to 'Administrator'. Advantech iView Has SQL An injection vulnerability exists.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.The specific flaw exists within the UserServlet class. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to escalate privileges and reset the password for the Admin user. Advantech iView is an equipment management application for the energy, water and wastewater industries. There is a security vulnerability in Advantech iView, and there is no relevant information about this vulnerability at present, please pay attention to CNNVD or manufacturer announcements at any time

Advantech iView versions prior to v5.7.03.6112 are vulnerable to directory traversal, which may allow an attacker to read sensitive files. Advantech iView Contains a path traversal vulnerability.Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability.The specific flaw exists within the CommandServlet class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Advantech iView is an equipment management application for the energy, water and wastewater industries. There is a security vulnerability in Advantech iView, and there is no relevant information about this vulnerability at present, please pay attention to CNNVD or manufacturer announcements at any time

A vulnerability has been identified in JT2Go (All versions < V13.1.0.2), Teamcenter Visualization (All versions < V13.1.0.2). Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information. (ZDI-CAN-12040). JT2Go and Teamcenter Visualization Is vulnerable to an out-of-bounds read. Zero Day Initiative To this vulnerability ZDI-CAN-12040 Was numbered.Information may be obtained. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of PAR files

A vulnerability has been identified in JT2Go (All versions < V13.1.0.2), Teamcenter Visualization (All versions < V13.1.0.2). Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information. (ZDI-CAN-12042). JT2Go and Teamcenter Visualization Is vulnerable to an out-of-bounds read. Zero Day Initiative To this vulnerability ZDI-CAN-12042 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of PAR files

A vulnerability has been identified in JT2Go (All versions < V13.1.0.2), Teamcenter Visualization (All versions < V13.1.0.2). Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in a stack based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12041). JT2Go and Teamcenter Visualization Is vulnerable to an out-of-bounds write. Zero Day Initiative To this vulnerability ZDI-CAN-12041 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of PAR files

A vulnerability has been identified in JT2Go (All versions < V13.1.0.2), Teamcenter Visualization (All versions < V13.1.0.2). Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to access data in the context of the current process. (ZDI-CAN-12043). JT2Go and Teamcenter Visualization Is vulnerable to an out-of-bounds read. Zero Day Initiative To this vulnerability ZDI-CAN-12043 Was numbered.Information may be obtained and information may be tampered with. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of PAR files

.NET Core and Visual Studio Denial of Service Vulnerability. plural Microsoft The product interferes with service operation (DoS) A vulnerability exists.Denial of service (DoS) It may be put into a state. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: .NET 5.0 on Red Hat Enterprise Linux security and bugfix update Advisory ID: RHSA-2021:0473-01 Product: .NET Core on Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:0473 Issue date: 2021-02-10 CVE Names: CVE-2021-1721 ==================================================================== 1. Summary: An update for rh-dotnet50-dotnet is now available for .NET on Red Hat Enterprise Linux. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 .NET Core on Red Hat Enterprise Linux Server (v. 7) - x86_64 .NET Core on Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.103 and .NET Runtime 5.0.3. Security Fix(es): * dotnet: certificate chain building recursion Denial of Service (CVE-2021-1721) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1926918 - CVE-2021-1721 dotnet: certificate chain building recursion Denial of Service 6. Package List: .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7): Source: rh-dotnet50-dotnet-5.0.103-1.el7_9.src.rpm x86_64: rh-dotnet50-aspnetcore-runtime-5.0-5.0.3-1.el7_9.x86_64.rpm rh-dotnet50-aspnetcore-targeting-pack-5.0-5.0.3-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-5.0.103-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-apphost-pack-5.0-5.0.3-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-debuginfo-5.0.103-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-host-5.0.3-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-hostfxr-5.0-5.0.3-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-runtime-5.0-5.0.3-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-sdk-5.0-5.0.103-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-targeting-pack-5.0-5.0.3-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-templates-5.0-5.0.103-1.el7_9.x86_64.rpm rh-dotnet50-netstandard-targeting-pack-2.1-5.0.103-1.el7_9.x86_64.rpm .NET Core on Red Hat Enterprise Linux Server (v. 7): Source: rh-dotnet50-dotnet-5.0.103-1.el7_9.src.rpm x86_64: rh-dotnet50-aspnetcore-runtime-5.0-5.0.3-1.el7_9.x86_64.rpm rh-dotnet50-aspnetcore-targeting-pack-5.0-5.0.3-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-5.0.103-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-apphost-pack-5.0-5.0.3-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-debuginfo-5.0.103-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-host-5.0.3-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-hostfxr-5.0-5.0.3-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-runtime-5.0-5.0.3-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-sdk-5.0-5.0.103-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-targeting-pack-5.0-5.0.3-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-templates-5.0-5.0.103-1.el7_9.x86_64.rpm rh-dotnet50-netstandard-targeting-pack-2.1-5.0.103-1.el7_9.x86_64.rpm .NET Core on Red Hat Enterprise Linux Workstation (v. 7): Source: rh-dotnet50-dotnet-5.0.103-1.el7_9.src.rpm x86_64: rh-dotnet50-aspnetcore-runtime-5.0-5.0.3-1.el7_9.x86_64.rpm rh-dotnet50-aspnetcore-targeting-pack-5.0-5.0.3-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-5.0.103-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-apphost-pack-5.0-5.0.3-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-debuginfo-5.0.103-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-host-5.0.3-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-hostfxr-5.0-5.0.3-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-runtime-5.0-5.0.3-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-sdk-5.0-5.0.103-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-targeting-pack-5.0-5.0.3-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-templates-5.0-5.0.103-1.el7_9.x86_64.rpm rh-dotnet50-netstandard-targeting-pack-2.1-5.0.103-1.el7_9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-1721 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYCQRkNzjgjWX9erEAQgNpQ//YOPnsrlO2lww9KzO1WQGieOjqQ1xLZxZ YEgR3XbSuOiS0y7an842VNVht52BEh+maxUN3cdZfHqkBmb3+Ax4Tdnh/oH2CuYT lNkzcQcU/XxNWgpYE6Whu7o5+b7hS8e4khpoH3snamtuL62G2ncH07/cQOeWLi4o EixaJXGxfkq7b3UoDqq8iTj/3NQNmOaD72O2Rp2/yYjLWKtBRKq4sK756wpC+iEj qs+/z6NRTpw7swp8zpB2SsKpBhaCleqeVez7TAaDQ+yvT5Hijosn87CdDAMgVHxa rzqPzKaEMO/DYvirp70sm0EWaaEkX6FbR2LJRzKH6AxBWbyboIBnGrE8W/EfrI/f 6qeQZ/+GKMqabT7z7x79RzExgg6GPwdvnI2koD3hgT28CEZpnZZ6fmYMlvD5pfNT yPL8jzGRs725jpk2EsjyrIpNRPXqXgiFhmEA/JD2dr6surGj0UCmvHqEzKgGdHDR K8jG/u93IZhP+ijnxrw0gOnrCHq5chwxxpPaD1LvSgCmULjzks21zLbcB4qOldLH ey6xIPrdQcyRtJBecfb9IAN9ygCZXfz0HdRB+0ChK31D+Bhp2ORbJXxPPWYNVbp9 97pAQ2MYpEYDKUUn5lQ43Qj1WlF2D9+dXquuWYjD+1FZYmSXFfUnIx6HY7asElhc +Hn3J/UvwRI\xefGS -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce