VARIoT IoT vulnerabilities database
| VAR-202008-0624 | CVE-2020-14935 | Out-of-bounds write vulnerability in Contiki-NG |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the SNMP bulk get request response encoding function. The function parsing the received SNMP request does not verify the input message's requested variables against the capacity of the internal SNMP engine buffer. When a bulk get request response is assembled, a stack buffer dedicated for OIDs (with a limited capacity) is allocated in snmp_engine_get_bulk(). When snmp_engine_get_bulk() is populating the stack buffer, an overflow condition may occur due to lack of input length validation. This makes it possible to overwrite stack regions beyond the allocated buffer, including the return address from the function. As a result, the code execution path may be redirected to an address provided in the SNMP bulk get payload. If the target architecture uses common addressing space for program and data memory, it may also be possible to supply code in the SNMP request payload, and redirect the execution path to the remotely injected code, by modifying the function's return address. Contiki-NG is vulnerable to out-of-bounds writes. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Contiki-NG is an open source cross-platform operating system for next-generation IoT (Internet of Things) devices.
Contiki-NG version 4.4 to version 4.5 has a buffer error vulnerability. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow.
| VAR-202008-0626 | CVE-2020-14937 | Out-of-bounds read vulnerability in Contiki-NG |
CVSS V2: 6.4 CVSS V3: 9.1 Severity: CRITICAL |
Out-of-bounds memory access issues were discovered in Contiki-NG 4.4 through 4.5, in the SNMP BER encoder/decoder. The length of provided input/output buffers is insufficiently verified during the encoding and decoding of data. This may lead to out-of-bounds buffer read or write access in BER decoding and encoding functions. Contiki-NG contains an out-of-bounds read vulnerability and an out-of-bounds write vulnerability. Information may be obtained and service operation may be interrupted (DoS). Contiki-NG is an open source cross-platform operating system for next-generation IoT (Internet of Things) devices.
Contiki-NG version 4.4 to version 4.5 has a buffer error vulnerability. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow.
| VAR-202008-0625 | CVE-2020-14936 | Out-of-bounds write vulnerability in Contiki-NG |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the SNMP agent. Functions parsing the OIDs in SNMP requests do not sufficiently verify the capacity of the allocated target buffer when writing parsed OID values. The function snmp_oid_decode_oid() may overwrite memory areas beyond the provided target buffer when called from snmp_message_decode() upon reception of an SNMP request. Because the content of the write operations is externally provided in the SNMP requests, it enables a remote overwrite of an IoT device's memory regions beyond the allocated buffer. This overflow may allow remote overwrite of stack and statically allocated variables memory regions by sending a crafted SNMP request. Contiki-NG is vulnerable to out-of-bounds writes. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Contiki-NG is an open source cross-platform operating system for next-generation IoT (Internet of Things) devices. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow.
| VAR-202008-1057 | CVE-2020-5385 | Improper permission assignment for critical resources vulnerability in Dell Encryption and Dell Endpoint Security Suite |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Dell Encryption versions prior to 10.8 and Dell Endpoint Security Suite versions prior to 2.8 contain a privilege escalation vulnerability because of an incomplete fix for CVE-2020-5358. A local malicious user with low privileges could potentially exploit this vulnerability to gain elevated privilege on the affected system with the help of a symbolic link. A denial-of-service (DoS) state may result. Dell Encryption is a suite of data protection solutions. The product includes features such as compliance management, authentication, disk data encryption, and port encryption. The product supports features such as automated threat prevention, detection, and response.
| VAR-202008-0979 | CVE-2020-8232 | Information leakage vulnerability in EdgeMax EdgeSwitch firmware |
CVSS V2: 4.0 CVSS V3: 6.5 Severity: MEDIUM |
An information disclosure vulnerability exists in EdgeMax EdgeSwitch firmware v1.9.0 that allowed read-only users to obtain unauthorized information through SNMP community pages. There is an information leakage vulnerability in the EdgeMax EdgeSwitch firmware. Information may be obtained. Ubiquiti Networks EdgeMAX EdgeSwitch is a PoE+ Gigabit switch from Ubiquiti Networks.
| VAR-202008-0023 | CVE-2020-13122 | OS command injection vulnerability in NoviFlow NoviWare |
CVSS V2: 8.0 CVSS V3: 8.8 Severity: HIGH |
The novish command-line interface, included in NoviFlow NoviWare before NW500.2.12 and deployed on NoviSwitch devices, is vulnerable to command injection in the "show status destination ipaddr" command. This could be used by a read-only user (monitoring group) or admin to execute commands on the operating system. An OS command injection vulnerability exists in NoviFlow NoviWare. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
| VAR-202008-0980 | CVE-2020-8233 | Ubiquiti Networks EdgeSwitch operating system command injection vulnerability |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: HIGH |
A command injection vulnerability exists in EdgeSwitch firmware <v1.9.0 that allowed an authenticated read-only user to execute arbitrary shell commands over the HTTP interface, allowing them to escalate privileges. An OS command injection vulnerability exists in the EdgeSwitch firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Ubiquiti Networks EdgeSwitch is a gigabit network switch device of Ubiquiti Networks.
| VAR-202008-1043 | CVE-2020-9233 | Authentication vulnerability in FusionCompute |
CVSS V2: 6.4 CVSS V3: 9.1 Severity: CRITICAL |
FusionCompute 8.0.0 has an insufficient authentication vulnerability. An attacker may exploit the vulnerability to delete some files and cause some services to behave abnormally. There is an authentication vulnerability in FusionCompute. Information may be tampered with and service operation may be interrupted (DoS). Huawei FusionCompute is a computer virtualization engine of China's Huawei (Huawei) company. The product provides virtual resource manager (VRM) and compute node agent (CNA), etc.
| VAR-202008-1055 | CVE-2020-9103 | Vulnerability in HUAWEI Mate 20 smartphones |
CVSS V2: 2.1 CVSS V3: 4.6 Severity: MEDIUM |
HUAWEI Mate 20 smartphones with 9.0.0.205(C00E205R2P1) have a logic error vulnerability. In a special scenario, the system does not properly process. As a result, attackers can perform a series of operations to successfully establish P2P connections that are rejected by the peer end. As a result, the availability of the device is affected. There are unspecified vulnerabilities in HUAWEI Mate 20 smartphones. Service operation may be interrupted (DoS). Huawei Mate 20 is a smartphone of China's Huawei (Huawei) company. An attacker can use this vulnerability to achieve a successful connection when the object refuses the P2P connection.
| VAR-202008-1278 | No CVE | Mijia smart platform of Xiaomi Technology Co., Ltd. has unauthorized access vulnerability |
CVSS V2: 6.4 CVSS V3: - Severity: MEDIUM |
Mijia Intelligent Platform is an intelligent hardware platform.
Mijia Intelligent Platform of Xiaomi Technology Co., Ltd. has an unauthorized access vulnerability. Attackers can use the vulnerability to obtain sensitive information and perform unauthorized operations.
| VAR-202008-1279 | No CVE | Unauthorized access vulnerability exists in Suning Intelligent Platform |
CVSS V2: 5.5 CVSS V3: - Severity: MEDIUM |
Suning Tesco Group Co., Ltd., founded on December 26, 1990, is headquartered in Nanjing. It is a leader in Chinese commercial enterprises. Its products cover traditional home appliances, consumer electronics, department stores, daily necessities, books, virtual products and other comprehensive categories.
An unauthorized access vulnerability exists in the Suning Intelligent Platform, which can be exploited by attackers to obtain sensitive information.
| VAR-202008-1317 | No CVE | VxWorks 5.5 has a buffer overflow vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
VxWorks is a real-time operating system launched by Wind River Systems, Inc. of the United States.
VxWorks 5.5 has a buffer overflow vulnerability, which can be exploited by attackers to cause a denial of service.
| VAR-202008-1319 | No CVE | VxWorks 5.5 has a clickjacking vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
VxWorks is a real-time operating system launched by Wind River Systems, Inc. of the United States.
VxWorks 5.5 has a clickjacking vulnerability, which can be exploited by attackers to cause a denial of service.
| VAR-202008-1325 | No CVE | Schneider TM241CE40T_U has a denial of service vulnerability |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
Schneider Electric (China) Co., Ltd. is a global leader in energy efficiency management, founded in 1836 by the Schneider brothers.
Schneider TM241CE40T_U has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service on the system.
| VAR-202008-1321 | No CVE | Advantech WebAccessNode has a denial of service vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
Advantech WebAccessNode is a HMI/SCADA monitoring software based entirely on IE browser.
Advantech WebAccessNode, from Advantech (China) Co., Ltd., has a denial of service vulnerability. Attackers can use this vulnerability to cause a system denial of service.
| VAR-202008-0511 | CVE-2020-22722 | Unrestricted upload of dangerous file types vulnerability in Rapid Software LLC Rapid SCADA |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Rapid Software LLC Rapid SCADA 5.8.0 is affected by a local privilege escalation vulnerability in the ScadaAgentSvc.exe executable file. An attacker can obtain admin privileges by placing a malicious .exe file in the application and renaming it ScadaAgentSvc.exe, which would result in executing the binary as NT AUTHORITY\SYSTEM in a Windows operating system. For example, an attacker can plant a reverse shell from a low privileged user account and, by restarting the computer, the malicious service will be started as NT AUTHORITY\SYSTEM, giving the attacker full system access to the remote PC. A denial-of-service (DoS) state may result. Rapid SCADA is a free, open source, and fully functional SCADA (Data Acquisition and Monitoring System) software.
| VAR-202008-1133 | CVE-2020-8687 | Uncontrolled search path element vulnerability in Intel(R) RSTe Software RAID Driver for Intel(R) Server Board M10JNP2SB |
CVSS V2: 4.6 CVSS V3: 7.8 Severity: HIGH |
Uncontrolled search path in the installer for Intel(R) RSTe Software RAID Driver for the Intel(R) Server Board M10JNP2SB before version 4.7.0.1119 may allow an authenticated user to potentially enable escalation of privilege via local access. A denial-of-service (DoS) state may result. Intel Server Board is a server motherboard of Intel Corporation of the United States. A local attacker could exploit this vulnerability to elevate privileges.
| VAR-202008-1132 | CVE-2020-8685 | Authentication vulnerability in Intel(R) LED Manager for NUC |
CVSS V2: 2.1 CVSS V3: 4.4 Severity: MEDIUM |
Improper authentication in subsystem for Intel(R) LED Manager for NUC before version 1.2.3 may allow privileged user to potentially enable denial of service via local access. There is an authentication vulnerability in Intel(R) LED Manager for NUC. Service operation may be interrupted (DoS). The vulnerability is caused by improper authentication. A local attacker could exploit this vulnerability to cause a denial of service.
| VAR-202008-1013 | CVE-2020-7360 | Uncontrolled search path element vulnerability in SmartControl |
CVSS V2: 6.9 CVSS V3: 7.3 Severity: HIGH |
An Uncontrolled Search Path Element (CWE-427) vulnerability in SmartControl version 4.3.15 and versions released before April 15, 2020 may allow an authenticated user to escalate privileges by placing a specially crafted DLL file in the search path. This issue was fixed in version 1.0.7, which was released after April 15, 2020. (Note, the version numbering system changed significantly between version 4.3.15 and version 1.0.7.) There is an uncontrolled search path element vulnerability in SmartControl. Information may be obtained or tampered with, and service operation may be interrupted (DoS). A code issue vulnerability exists in Philips SmartControl version 4.3.15 and versions earlier than 2020-4-15. An attacker can exploit this vulnerability to elevate privileges with a specially crafted DLL file.
| VAR-202008-0764 | CVE-2020-24349 | Input verification vulnerability in njs |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
njs through 0.4.3, used in NGINX, allows control-flow hijack in njs_value_property in njs_value.c. NOTE: the vendor considers the issue to be "fluff" in the NGINX use case because there is no remote attack surface. There is an input verification vulnerability in njs. Information may be tampered with. NGINX is a lightweight web server/reverse proxy server and e-mail (IMAP/POP3) proxy server of the American NGINX company. njs is one of the scripting language components that supports extending NGINX functionality. There is a security vulnerability in the njs_value_property of the njs_value.c file in njs 0.4.3 and earlier versions (used in NGINX). An attacker could exploit this vulnerability to hijack control flow.