VARIoT IoT vulnerabilities database
| VAR-202011-0791 | CVE-2020-27557 | BASETech GE-131 BT-1837836 Vulnerability in plaintext storage of important information in firmware |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
Unprotected Storage of Credentials vulnerability in BASETech GE-131 BT-1837836 firmware 20180921 allows local users to gain access to the video streaming username and password via SQLite files containing plain text credentials. BASETech GE-131 BT-1837836 There is a vulnerability in the firmware regarding the plaintext storage of important information.Information may be obtained. BASETech GE-131 BT-1837836 is a Wi-Fi IP CCTV camera. An attacker can use this vulnerability to extract a plain text password
| VAR-202011-0790 | CVE-2020-27556 | BASETech GE-131 BT-1837836 Firmware vulnerability |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: MEDIUM |
A predictable device ID in BASETech GE-131 BT-1837836 firmware 20180921 allows unauthenticated remote attackers to connect to the device. BASETech GE-131 BT-1837836 There is an unspecified vulnerability in the firmware.Information may be tampered with. BASETech GE-131 BT-1837836 is a Wi-Fi IP CCTV camera
| VAR-202011-1431 | CVE-2020-4592 | IBM MQ Appliance Vulnerability in |
CVSS V2: 3.5 CVSS V3: 6.5 Severity: Medium |
IBM MQ Appliance 9.1.CD and LTS could allow an authenticated user, under nondefault configuration to cause a data corruption attack due to an error when using segmented messages. IBM MQ Appliance Contains an unspecified vulnerability.Information may be tampered with
| VAR-202011-0731 | CVE-2020-27125 | Cisco Security Manager Input confirmation vulnerability |
CVSS V2: 5.0 CVSS V3: 9.8 Severity: CRITICAL |
A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit this vulnerability by viewing source code. A successful exploit could allow the attacker to view static credentials, which the attacker could use to carry out further attacks. Cisco Security Manager (CSM) is a set of enterprise-level management applications from Cisco, which is mainly used to configure firewall, VPN and intrusion prevention security services on Cisco network and security devices
| VAR-202011-0735 | CVE-2020-27130 | Cisco Security Manager Vulnerability in |
CVSS V2: 6.4 CVSS V3: 9.1 Severity: CRITICAL |
A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper validation of directory traversal character sequences within requests to an affected device. An attacker could exploit this vulnerability by sending a crafted request to the affected device. A successful exploit could allow the attacker to download arbitrary files from the affected device. Cisco Security Manager (CSM) is a set of enterprise-level management applications from Cisco, which is mainly used to configure firewall, VPN and intrusion prevention security services on Cisco network and security devices
| VAR-202011-0393 | CVE-2020-26701 | Kaa IoT Platform Cross-site Scripting Vulnerability |
CVSS V2: 3.5 CVSS V3: 5.4 Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in Dashboards section in Kaa IoT Platform v1.2.0 allows remote attackers to inject malicious web scripts or HTML Injection payloads via the Description parameter. Kaa IoT Platform Contains a cross-site scripting vulnerability.Information may be obtained and information may be tampered with. The platform provides protocol support for multiple devices, and provides monitoring and data management functions for connected devices
| VAR-202011-0736 | CVE-2020-27131 | Cisco Security Manager Untrusted Data Deserialization Vulnerability in |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Multiple vulnerabilities in the Java deserialization function that is used by Cisco Security Manager could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. These vulnerabilities are due to insecure deserialization of user-supplied content by the affected software. An attacker could exploit these vulnerabilities by sending a malicious serialized Java object to a specific listener on an affected system. A successful exploit could allow the attacker to execute arbitrary commands on the device with the privileges of NT AUTHORITY\SYSTEM on the Windows target host. Cisco has not released software updates that address these vulnerabilities. Cisco Security Manager There is a vulnerability in deserialization of untrusted data.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Cisco Security Manager (CSM) is a set of enterprise-level management applications from Cisco, which is mainly used to configure firewall, VPN and intrusion prevention security services on Cisco network and security devices. Successful exploitation could result in arbitrary command execution on the affected device
| VAR-202012-1523 | CVE-2020-9972 | plural Apple Product Buffer Overflow Vulnerability |
CVSS V2: 6.8 CVSS V3: 7.8 Severity: HIGH |
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution. The following products and versions are affected: iPhone 6s and later, iPod touch 7th generation, iPad Air 2 and later, and iPad mini 4 and later
| VAR-202011-0266 | CVE-2019-19560 | Mercedes-Benz HERMES Vulnerability in insecure storage of important information in |
CVSS V2: 2.1 CVSS V3: 4.6 Severity: MEDIUM |
An authentication bypass in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker with physical access to device hardware to obtain system information. Mercedes-Benz HERMES There is a vulnerability in the insecure storage of important information.Information may be obtained. Mercedes-Benz HERMES is a telematics control unit equipped in Mercedes-Benz (Mercedes-Benz) networked cars
| VAR-202011-0267 | CVE-2019-19561 | Mercedes-Benz HERMES Vulnerability in insecure storage of important information in |
CVSS V2: 2.1 CVSS V3: 2.4 Severity: LOW |
A misconfiguration in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker with direct physical access to device hardware to obtain cellular modem information. Mercedes-Benz HERMES There is a vulnerability in the insecure storage of important information.Information may be obtained. Mercedes-Benz HERMES is a telematics control unit equipped in Mercedes-Benz (Mercedes-Benz) networked cars
| VAR-202011-0265 | CVE-2019-19557 | Mercedes-Benz HERMES Vulnerability in insecure storage of important information in |
CVSS V2: 2.1 CVSS V3: 2.4 Severity: LOW |
A misconfiguration in the debug interface in Mercedes-Benz HERMES 1 allows an attacker with direct physical access to device hardware to obtain cellular modem information. Mercedes-Benz HERMES There is a vulnerability in the insecure storage of important information.Information may be obtained. Mercedes-Benz HERMES is a telematics control unit equipped in Mercedes-Benz (Mercedes-Benz) networked cars.
The debug interface in Mercedes-Benz HERMES 1 has a configuration error vulnerability
| VAR-202011-0268 | CVE-2019-19562 | Mercedes-Benz HERMES Vulnerability in insecure storage of important information in |
CVSS V2: 2.1 CVSS V3: 4.6 Severity: MEDIUM |
An authentication bypass in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker with physical access to device hardware to obtain system information. Mercedes-Benz HERMES There is a vulnerability in the insecure storage of important information.Information may be obtained. Mercedes-Benz HERMES is a telematics control unit equipped in Mercedes-Benz (Mercedes-Benz) networked cars
| VAR-202011-0269 | CVE-2019-19563 | Mercedes-Benz HERMES configuration error vulnerability |
CVSS V2: 2.1 CVSS V3: 2.4 Severity: LOW |
A misconfiguration in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker with direct physical access to device hardware to obtain cellular modem information. Mercedes-Benz HERMES Contains an unspecified vulnerability.Information may be obtained. Mercedes-Benz HERMES is a telematics control unit equipped in Mercedes-Benz (Mercedes-Benz) networked cars.
The debugging interface in Mercedes-Benz HERMES 2.1 has a configuration error vulnerability
| VAR-202011-0264 | CVE-2019-19556 | Mercedes-Benz HERMES Authentication vulnerabilities in |
CVSS V2: 2.1 CVSS V3: 4.6 Severity: MEDIUM |
An authentication bypass in the debug interface in Mercedes-Benz HERMES 1 allows an attacker with physical access to device hardware to obtain system information. Mercedes-Benz HERMES Contains an authentication vulnerability.Information may be obtained. Mercedes-Benz HERMES is a telematics control unit equipped in Mercedes-Benz (Mercedes-Benz) networked cars
| VAR-202011-1543 | No CVE | Beijing Sifang Relay Automation Co., Ltd. CSC-830 has a denial of service vulnerability (CNVD-2020-59456) |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
CSC830 PLC is a small controller of Beijing Sifang Relay Automation Co., Ltd. for small and medium discrete automation systems and independent automation systems.
Beijing Sifang Relay Automation Co., Ltd. CSC-830 has a denial of service vulnerability. Attackers can use this vulnerability to control PLC services, affecting the normal operation of the controller and causing denial of service.
| VAR-202011-1545 | No CVE | Beijing Sifang Relay Automation Co., Ltd. CSC-830 has a denial of service vulnerability (CNVD-2020-59455) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
CSC830 PLC is a small controller of Beijing Sifang Relay Automation Co., Ltd. for small and medium discrete automation systems and independent automation systems.
Beijing Sifang Relay Automation Co., Ltd. CSC-830 has a denial of service vulnerability. Attackers can use this vulnerability to directly control the cold start or stop of the PLC remotely, affecting the normal operation of the controller.
| VAR-202011-1561 | No CVE | Beijing Sifang Relay Automation Co., Ltd. CSC-830 has a denial of service vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
CSC830 PLC is a small controller of Beijing Sifang Relay Automation Co., Ltd. for small and medium discrete automation systems and independent automation systems.
Beijing Sifang Relay Automation Co., Ltd. CSC-830 has a denial of service vulnerability. Attackers can use the vulnerability to cause a denial of server.
| VAR-202011-1562 | No CVE | Beijing Sifang Relay Automation Co., Ltd. CSC-830 has an information disclosure vulnerability (CNVD-2020-59458) |
CVSS V2: 4.0 CVSS V3: - Severity: MEDIUM |
CSC830 PLC is a small controller of Beijing Sifang Relay Automation Co., Ltd. for small and medium discrete automation systems and independent automation systems.
Beijing Sifang Relay Automation Co., Ltd. CSC-830 has an information disclosure vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202011-1563 | No CVE | Beijing Sifang Relay Automation Co., Ltd. CSC-850 has an information disclosure vulnerability (CNVD-2020-58374) |
CVSS V2: 4.0 CVSS V3: - Severity: MEDIUM |
CSC850 PLC is a small controller of Beijing Sifang Relay Automation Co., Ltd. for small and medium discrete automation systems and independent automation systems.
Beijing Sifang Relay Automation Co., Ltd. CSC-850 has an information disclosure vulnerability. Attackers can use the vulnerability to obtain sensitive information.
| VAR-202011-1564 | No CVE | Beijing Sifang Relay Automation Co., Ltd. CSC-850 has an information disclosure vulnerability (CNVD-2020-58375) |
CVSS V2: 4.0 CVSS V3: - Severity: MEDIUM |
CSC850 PLC is a small controller of Beijing Sifang Relay Automation Co., Ltd. for small and medium discrete automation systems and independent automation systems.
Beijing Sifang Relay Automation Co., Ltd. CSC-850 has an information disclosure vulnerability. Attackers can use this vulnerability to obtain sensitive information such as PLC logs, firmware, configuration and other core files.