VARIoT IoT vulnerabilities database


VAR-202010-1173 CVE-2020-9109 Insufficient verification of data reliability vulnerability in multiple Huawei smartphone products CVSS V2: 1.9
CVSS V3: 4.6
Severity: MEDIUM
There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of a smart wearable device in a certain specific scenario. The attacker needs to gain certain information in the victim's smartphone to launch the attack, and a successful exploit could cause information disclosure. Affected product versions include: HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8), versions earlier than 10.1.0.160(C01E160R2P8); HUAWEI Mate 20 X versions earlier than 10.1.0.160(C00E160R2P8), versions earlier than 10.1.0.160(C01E160R2P8); HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8); Laya-AL00EP versions earlier than 10.1.0.160(C786E160R3P8); Tony-AL00B versions earlier than 10.1.0.160(C00E160R2P11); Tony-TL00B versions earlier than 10.1.0.160(C01E160R2P11). Multiple Huawei smartphone products contain vulnerabilities related to inadequate verification of data reliability. Information may be obtained. Huawei P30 Pro, etc. are all smartphones of China's Huawei company. The vulnerability stems from insufficient verification of the identity of the smart wearable device in a specific scenario. The attacker needs to obtain specific information in the victim's mobile phone before launching an attack
VAR-202010-1179 CVE-2020-9123 HUAWEI P30 Pro  Out-of-bounds Vulnerability in Microsoft CVSS V2: 6.8
CVSS V3: 7.8
Severity: HIGH
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) and versions earlier than 10.1.0.160(C01E160R2P8) have a buffer overflow vulnerability. An attacker induces users to install malicious applications and sends specially constructed packets to affected devices after obtaining the root permission. A successful exploit may cause code execution. HUAWEI P30 Pro is vulnerable to an out-of-bounds write. Information may be obtained or tampered with, and a denial of service (DoS) may result. Huawei P30 Pro is a smartphone launched by Huawei
VAR-202010-1172 CVE-2020-9108 HUAWEI P30 Pro  Out-of-bounds Vulnerability in Microsoft CVSS V2: 7.1
CVSS V3: 5.5
Severity: MEDIUM
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts a malformed message with a specific parameter and sends the message to the affected products. Due to insufficient validation of the message, this may be exploited to cause the process to reboot. Huawei P30 Pro is a smartphone launched by Huawei
VAR-202010-1166 CVE-2020-9230 WS5800-10  Vulnerability for inadequate validation of data reliability in CVSS V2: 3.3
CVSS V3: 6.5
Severity: MEDIUM
WS5800-10 version 10.0.3.25 has a denial of service vulnerability. Due to improper verification of a specific message, an attacker may exploit this vulnerability to cause a specific function to become abnormal. WS5800-10 contains an inadequate validation of data reliability vulnerability. A denial of service (DoS) may result. Huawei WS5800-10 is a wireless router of China's Huawei company. Some Huawei home routers have security vulnerabilities
VAR-202010-1170 CVE-2020-9106 HUAWEI P30 Pro  Untrusted search path vulnerabilities in CVSS V2: 2.1
CVSS V3: 4.6
Severity: MEDIUM
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have a path traversal vulnerability. The system does not sufficiently validate certain pathnames; a successful exploit could allow the attacker to access files and cause information disclosure. Huawei P30 Pro is a smartphone launched by Huawei. The vulnerability stems from the system not fully verifying certain path names. Attackers can use this vulnerability to access files. Huawei smartphones could allow a local malicious user to traverse directories on the system, caused by insufficient input path validation. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view an arbitrary file on the device
VAR-202010-1171 CVE-2020-9107 HUAWEI P30 Pro  Out-of-bounds read vulnerability CVSS V2: 7.1
CVSS V3: 5.5
Severity: MEDIUM
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts a malformed message with a specific parameter and sends the message to the affected products. Due to insufficient validation of the message, this may be exploited to cause the process to reboot. Huawei P30 Pro is a smartphone launched by Huawei
VAR-202010-1178 CVE-2020-9122 Input verification vulnerability in multiple Huawei products CVSS V2: 3.3
CVSS V3: 6.5
Severity: MEDIUM
Some Huawei products have an insufficient input verification vulnerability. Attackers can exploit this vulnerability in the LAN to cause abnormal service on affected devices. Affected product versions include: HiRouter-CD30-10 version 10.0.2.5; HiRouter-CT31-10 version 10.0.2.20; WS5200-12 version 10.0.1.9; WS5281-10 version 10.0.5.10; WS5800-10 version 10.0.3.25; WS7100-10 version 10.0.5.21; WS7200-10 version 10.0.5.21. Multiple Huawei products contain an input verification vulnerability. A denial of service (DoS) may result. Huawei HiRouter-CD30-10, etc. are all wireless routers of China's Huawei company
VAR-202010-1180 CVE-2020-9087 Taurus-AL00A  Out-of-bounds read vulnerability CVSS V2: 2.1
CVSS V3: 5.5
Severity: MEDIUM
Taurus-AL00A version 10.0.0.1(C00E1R1P1) has an out-of-bounds read vulnerability in the XFRM module. An authenticated, local attacker may perform a specific operation to exploit this vulnerability. Due to insufficient validation of the parameters, this may be exploited to cause an information leak. Taurus-AL00A is vulnerable to an out-of-bounds read. Information may be obtained. Huawei Taurus-AL00A is a smartphone of China's Huawei company. The HUAWEI Taurus-AL00A XFRM module has security vulnerabilities. The vulnerability stems from the failure to fully verify the parameters
VAR-202010-0030 CVE-2020-14293 OS command injection vulnerability in Secudos DOMOS CVSS V2: 8.5
CVSS V3: 7.5
Severity: HIGH
conf_datetime in Secudos DOMOS 5.8 allows remote attackers to execute arbitrary commands as root via shell metacharacters in the zone field (obtained from the web interface). Secudos DOMOS has an OS command injection vulnerability. Information may be obtained or tampered with, and a denial of service (DoS) may result. Secudos DOMOS is an operating system for IoT devices from SECUDOS in Germany. Secudos DOMOS version 5.8 has a security vulnerability in conf_datetime
VAR-202010-1181 CVE-2020-9090 FusionAccess  Authentication Vulnerability in Microsoft CVSS V2: 4.6
CVSS V3: 7.8
Severity: HIGH
FusionAccess version 6.5.1 has an improper authorization vulnerability. A command is authorized with incorrect privilege. Attackers with other privilege can execute the command to exploit this vulnerability. This may compromise normal service of the affected product. FusionAccess contains an improper authentication vulnerability. Information may be obtained or tampered with, and a denial of service (DoS) may result. Huawei smartphones could allow a local authenticated malicious user to bypass security restrictions, caused by an improper authorization vulnerability
VAR-202009-0773 CVE-2020-24721 GAEN protocol vulnerabilities for Android and iOS CVSS V2: 3.3
CVSS V3: 5.7
Severity: MEDIUM
An issue was discovered in the GAEN (aka Google/Apple Exposure Notifications) protocol through 2020-09-29, as used in COVID-19 applications on Android and iOS. It allows a user to be put in a position where he or she can be coerced into proving or disproving an exposure notification, because of the persistent state of a private framework. Apple iOS is an operating system developed for mobile devices by Google and the Open Handheld Alliance (OHA). Android is a Linux-based open source operating system developed by Google and the Open Handheld Alliance (OHA)
VAR-202009-0361 CVE-2019-17098 Vulnerability in using hard-coded credentials in August Connect Wi-Fi Bridge App and August Connect firmware CVSS V2: 3.3
CVSS V3: 6.5
Severity: MEDIUM
Use of hard-coded cryptographic key vulnerability in August Connect Wi-Fi Bridge App, Connect Firmware allows an attacker to decrypt an intercepted payload containing the Wi-Fi network authentication credentials. This issue affects: August Connect Wi-Fi Bridge App version v10.11.0 and prior versions on Android. August Connect Firmware version 2.2.12 and prior versions
VAR-202009-1682 No CVE Tianxin Instrument Group Co., Ltd. Tianxin SCADA system has SQL injection vulnerability CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
The SCADA system is a computer-based DCS and power automation monitoring system. Tianxin Instrument Group Co., Ltd. Tianxin SCADA system has a SQL injection vulnerability. Attackers can use this vulnerability to obtain sensitive database information.
VAR-202010-0408 CVE-2020-17482 PowerDNS Authoritative Server information disclosure vulnerability CVSS V2: 4.0
CVSS V3: 4.3
Severity: MEDIUM
An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory. PowerDNS Authoritative Server contains an information disclosure vulnerability. Information may be obtained. PowerDNS Authoritative Server is a DNS server of Dutch PowerDNS company.

Background
==========

The PowerDNS nameserver is an authoritative-only nameserver which uses a flexible backend architecture.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
      1  net-dns/pdns              < 4.3.1                    >= 4.3.1

Description
===========

It was discovered that PowerDNS did not properly handle certain unknown records. Crafted records cannot be inserted via AXFR.

Workaround
==========

Do not take zone data from untrusted users.

Resolution
==========

All PowerDNS users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-dns/pdns-4.3.1"

References
==========

[ 1 ] CVE-2020-17482
      https://nvd.nist.gov/vuln/detail/CVE-2020-17482
[ 2 ] PowerDNS Security Advisory 2020-05
      https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2020-05.html

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    https://security.gentoo.org/glsa/202012-18

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License
=======

Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5
VAR-202009-1644 CVE-2020-16232 Buffer overflow vulnerability in WideField3 made by Yokogawa Electric CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
In Yokogawa WideField3 R1.01 - R4.03, a buffer overflow could be caused when a user loads a maliciously crafted project file. WideField3, the FA-M3 program development tool provided by Yokogawa Electric Corporation, contains a buffer overflow vulnerability (CWE-120). If a third party who can access the product rewrites the project file, the application may be terminated abnormally. Yokogawa WideField3 is a PLC programming software developed by Yokogawa Corporation of Japan. The software contains rich and practical programming tools, including powerful input macros, sampling display, synchronous logic analysis and other functions, and is perfectly compatible with F3SP71-4S and F3SP76-7S sequential CPU modules. There is a buffer error vulnerability in WideField3 R1.01 to R4.03. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc
VAR-202009-0815 CVE-2020-25775 OfficeScan made by Trend Micro Inc. Vulnerability that can delete arbitrary files in the cloud CVSS V2: 6.3
CVSS V3: 6.3
Severity: MEDIUM
The Trend Micro Security 2020 (v16) consumer family of products is vulnerable to a security race condition arbitrary file deletion vulnerability that could allow an unprivileged user to manipulate the product's secure erase feature to delete files with a higher set of privileges. Virus Buster, provided by Trend Micro Inc., has a vulnerability in the cloud that allows low-privileged users to use the product's "data erasure tool" function to delete files with higher permissions. This vulnerability information was reported to JPCERT/CC by the developer for the purpose of disseminating it to product users, and JPCERT/CC coordinated with the developer. Any file or folder may be erased by a third party who has access to the product. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the implementation of the Secure Erase feature. The issue results from the lack of proper validation of a user-supplied link prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of SYSTEM
VAR-202009-1672 No CVE Suzhou Inovance Technology Co., Ltd. AM600-PS2 has weak password vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
AM600-PS2 is a medium-sized programmable logic controller (PLC) designed with a modular structure. The AM600-PS2 of Suzhou Inovance Technology Co., Ltd. has a weak password vulnerability. Attackers can use this vulnerability to log in to the PLC operating system.
VAR-202009-1231 CVE-2020-5930 BIG-IP  and  BIG-IQ  Vulnerability in CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
In BIG-IP 15.0.0-15.1.0.4, 14.1.0-14.1.2.7, 13.1.0-13.1.3.3, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2 and BIG-IQ 5.2.0-7.1.0, unauthenticated attackers can cause disruption of service via undisclosed methods. BIG-IP and BIG-IQ contain an unspecified vulnerability. A denial of service (DoS) may result. GE APM is an equipment monitoring system of General Electric (GE). The system can continuously monitor the operating status and faults of the equipment. A security vulnerability exists in TMM that allows an attacker to potentially be able to cause a denial of service to a vulnerable party
VAR-202009-1700 No CVE An SQL injection vulnerability exists in the warning platform of Xiamen Sixin Communication Technology Co., Ltd. CVSS V2: 4.9
CVSS V3: -
Severity: MEDIUM
Xiamen Four-Faith Communication Technology Co., Ltd., referred to as "Four-Faith Communications", is a national high-tech enterprise, a leading enterprise of small giants in scientific and technological innovation in Fujian Province, an Internet of Things platform enterprise, an Internet of Things technology expert, a provider of Internet of Things communication equipment and solutions. The early warning platform of Xiamen Sixin Communication Technology Co., Ltd. has a SQL injection vulnerability. Attackers can use the vulnerability to obtain sensitive information in the database.
VAR-202009-1701 No CVE An SQL injection vulnerability exists in the early warning platform of Xiamen Sixin Communication Technology Co., Ltd. (CNVD-2020-51471) CVSS V2: 4.9
CVSS V3: -
Severity: MEDIUM
Xiamen Four-Faith Communication Technology Co., Ltd., referred to as "Four-Faith Communications", is a national high-tech enterprise, a leading enterprise of small giants in scientific and technological innovation in Fujian Province, an Internet of Things platform enterprise, an Internet of Things technology expert, a provider of Internet of Things communication equipment and solutions. The early warning platform of Xiamen Sixin Communication Technology Co., Ltd. has a SQL injection vulnerability. Attackers can use the vulnerability to obtain sensitive information in the database.