VARIoT IoT vulnerabilities database

A vulnerability in the configuration restore feature of Cisco Nexus Data Broker software could allow an unauthenticated, remote attacker to perform a directory traversal attack on an affected device. The vulnerability is due to insufficient validation of configuration backup files. An attacker could exploit this vulnerability by persuading an administrator to restore a crafted configuration backup file. A successful exploit could allow the attacker to overwrite arbitrary files that are accessible through the affected software on an affected device. Cisco Nexus Data Broker is a network routing monitoring solution of Cisco (Cisco). The software is event-driven and can provide real-time network flow visualization

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution. plural Apple The product is vulnerable to a buffer overflow due to improper memory processing.Arbitrary code can be executed by processing maliciously created images. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the CoreGraphics library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.The specific flaw exists within the JBIG2Bitmap::expand method. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. Apple iPadOS is an operating system for iPad tablets

Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) for SCCM and SCVMM versions prior to 7.2.1 contain an information disclosure vulnerability. Authenticated low privileged OMIMSCC users may be able to retrieve sensitive information from the logs. Dell EMC OpenManage Integration is a driver for a virtualization management console of Dell. Tools and tasks related to managing and deploying servers in virtual environments are simplified. This vulnerability originates from the abnormal output of log files of network systems or products

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious data into a specific data field in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface. Cisco SD-WAN vManage The software contains a cross-site scripting vulnerability.Information may be obtained and information may be tampered with. Cisco SD-WAN vManage Software is a management software for SD-WAN (Software Defined Wide Area Network) solutions from Cisco. The vulnerability stems from the lack of correct validation of client data in WEB applications

A vulnerability in the loading mechanism of specific DLLs in the Cisco Webex Teams client for Windows could allow an authenticated, local attacker to load a malicious library. To exploit this vulnerability, the attacker needs valid credentials on the Windows system. The vulnerability is due to incorrect handling of directory paths at run time. An attacker could exploit this vulnerability by placing a malicious DLL file in a specific location on the targeted system. This file will execute when the vulnerable application launches. A successful exploit could allow the attacker to execute arbitrary code on the targeted system with the privileges of another user’s account. Cisco Webex Teams is a team collaboration application of Cisco (Cisco). The program includes video conferencing, group messaging and file sharing capabilities. A code issue vulnerability exists in Cisco Webex Teams. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products

A vulnerability in the Cisco Discovery Protocol implementation for Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to execute arbitrary code on an affected device or cause the device to reload. This vulnerability is due to missing checks when an IP camera processes a Cisco Discovery Protocol packet. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to execute code on the affected IP camera or cause it to reload unexpectedly, resulting in a denial of service (DoS) condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). plural Cisco Video Surveillance 8000 series IP A buffer error vulnerability exists in the camera.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

An integer underflow in the SMB server of MikroTik RouterOS before 6.45.5 allows remote unauthenticated attackers to crash the service. MikroTik RouterOS Exists in an integer overflow vulnerability.Denial of service (DoS) It may be put into a state. MikroTik RouterOS is a Linux-based router operating system developed by Latvian MikroTik Company. The system can be deployed in a PC so that it provides router functionality

An issue was discovered in EthernetNetwork on Samsung mobile devices with O(8.1), P(9.0), Q(10.0), and R(11.0) software. PendingIntent allows sdcard access by an unprivileged process. The Samsung ID is SVE-2020-18392 (October 2020). This vulnerability is Samsung ID: SVE-2020-18392 It is published as.Information may be obtained. are all products of South Korean Samsung (Samsung). Samsung mobile devices O (8.1), P (9.0), Q (10.0) and R (11.0) have security vulnerabilities, which stem from a problem with EthernetNetwork. No detailed vulnerability details are currently provided

An issue was discovered in SystemUI on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. PendingIntent allows an unprivileged process to access contact numbers. The Samsung ID is SVE-2020-18467 (October 2020). This vulnerability is Samsung ID: SVE-2020-18467 It is published as.Information may be obtained. are all products of South Korean Samsung (Samsung). The vulnerability originates in SystemUI

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Sticker Center allows directory traversal for an unprivileged process to read arbitrary files. The Samsung ID is SVE-2020-18433 (October 2020). This vulnerability is Samsung ID: SVE-2020-18433 It is published as.Information may be obtained. are all products of South Korean Samsung (Samsung)

An issue was discovered in TimaService on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. PendingIntent with an empty intent is mishandled, allowing an attacker to perform a privileged action via a modified intent. The Samsung ID is SVE-2020-18418 (October 2020). This vulnerability is Samsung ID: SVE-2020-18418 It is published as.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. are all products of South Korean Samsung (Samsung). The vulnerability originates from TimaService

An issue was discovered on Samsung mobile devices with Q(10.0) and R(11.0) (Exynos chipsets) software. They allow attackers to obtain sensitive information by reading a log. The Samsung ID is SVE-2020-18596 (October 2020). Samsung Mobile devices contain a vulnerability related to information leakage from log files. This vulnerability is Samsung ID: SVE-2020-18596 It is published as.Information may be obtained

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. An attacker can access certain Secure Folder content via a debugging command. The Samsung ID is SVE-2020-18673 (October 2020). This vulnerability is Samsung ID: SVE-2020-18673 It is published as.Information may be obtained. are all products of South Korean Samsung (Samsung). Samsung mobile devices O (8.x), P (9.0), Q (10.0) and R (11.0) have security vulnerabilities

An issue was discovered on Samsung mobile devices with Q(10.0) software. The DynamicLockscreen Terms and Conditions can be accepted without authentication. The Samsung ID is SVE-2020-17079 (October 2020). This vulnerability is Samsung ID: SVE-2020-17079 It is published as.Information may be tampered with. Samsung mobile devices Q is a TV series of Samsung (Samsung) in South Korea. No detailed vulnerability details are currently provided

D-Link DAP-1360U before 3.0.1 devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the IP JSON value for ping (aka res_config_action=3&res_config_id=18). D-Link DAP-1360U A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. D-Link DAP-136 is a wireless network signal extender. D-Link DAP-136 has security vulnerabilities in processing IP parameters, allowing remote attackers to use the vulnerabilities to submit special requests and execute arbitrary commands in the context of the application

An issue was discovered in DirEncryptService on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. PendingIntent with an empty intent is mishandled, allowing an attacker to perform a privileged action via a modified intent. The Samsung ID is SVE-2020-18034 (October 2020). This vulnerability is Samsung ID: SVE-2020-18034 It is published as.Information may be tampered with. are all products of South Korean Samsung (Samsung). Samsung mobile devices O (8.x), P (9.0) and Q (10.0) have security vulnerabilities, which can be exploited by attackers to perform privileged operations by modifying intent

u'While processing invalid connection request PDU which is nonstandard (interval or timeout is 0) from central device may lead peripheral system enter into dead lock state.(This CVE is equivalent to InvalidConnectionRequest(CVE-2019-19193) mentioned in sweyntooth paper)' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, APQ8017, APQ8053, AR9344, Bitra, IPQ5018, Kamorta, MDM9607, MDM9640, MDM9650, MSM8996AU, Nicobar, QCA6174A, QCA6390, QCA6574AU, QCA9377, QCA9886, QCM6125, QCN7605, QCS404, QCS405, QCS605, QCS610, QRB5165, Rennell, SA415M, SA515M, Saipan, SC7180, SC8180X, SDA845, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130. plural Snapdragon The product contains an input verification vulnerability.Denial of service (DoS) It may be put into a state. The Qualcomm chip is a chip of Qualcomm (Qualcomm). A way to miniaturize circuits (mainly including semiconductor equipment, but also passive components, etc.) and often manufactured on the surface of semiconductor wafers. Many Qualcomm products have input verification error vulnerabilities. The vulnerability stems from the fact that when processing invalid connection requests from the central device, if the PDU is not standard, it may cause the peripheral system to enter a deadlock state

u'Third-party app may also call the broadcasts in Perfdump and cause privilege escalation issue due to improper access control' in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in Agatti, APQ8096AU, APQ8098, Bitra, Kamorta, MSM8909W, MSM8917, MSM8940, Nicobar, QCA6390, QCM2150, QCS605, Rennell, SA6155P, SA8155P, Saipan, SDA660, SDM429W, SDM450, SDM630, SDM636, SDM660, SDM670, SDM710, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130. plural Qualcomm The product contains unspecified vulnerabilities.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

u'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode and length of opcode received from central device(This CVE is equivalent to Link Layer Length Overfow issue (CVE-2019-16336,CVE-2019-17519) and Silent Length Overflow issue(CVE-2019-17518) mentioned in sweyntooth paper)' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8076, AR9344, Bitra, Kamorta, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8917, MSM8937, MSM8940, MSM8953, Nicobar, QCA6174A, QCA9377, QCM2150, QCM6125, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SC8180X, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130. plural Qualcomm The product contains an out-of-bounds read vulnerability. This vulnerability is CVE-2019-16336 , CVE-2019-17519 , CVE-2019-17518 It is the same vulnerability as.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. The Qualcomm chip is a chip of Qualcomm (Qualcomm). A way to miniaturize circuits (mainly including semiconductor equipment, but also passive components, etc.) and often manufactured on the surface of semiconductor wafers. Many Qualcomm products have buffer error vulnerabilities. The vulnerability stems from the lack of checks for invalid opcodes and the opcode length of the central device in Bluetooth peripheral firmware

u'Remote code execution can happen by sending a carefully crafted POST query when Device configuration is accessed from a tethered client through webserver due to lack of array bound check.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8953, MSM8996AU, QCA6574AU, QCS405, QCS610, QRB5165, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM8250. plural Qualcomm The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state