VARIoT IoT vulnerabilities database


VAR-202007-0792 CVE-2020-14599 Oracle E-Business Suite  of  Oracle CRM Gateway for Mobile Devices  In  Setup of Mobile Applications  Vulnerability CVSS V2: 6.4
CVSS V3: 9.1
Severity: CRITICAL
Vulnerability in the Oracle CRM Gateway for Mobile Devices product of Oracle E-Business Suite (component: Setup of Mobile Applications). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle CRM Gateway for Mobile Devices. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle CRM Gateway for Mobile Devices accessible data as well as unauthorized access to critical data or complete access to all Oracle CRM Gateway for Mobile Devices accessible data. CVSS 3.1 Base Score 9.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N). The software provides functions such as customer relationship management, service management, and financial management. Attackers can use this vulnerability to access, create, delete or modify data without authorization, affecting the confidentiality and integrity of data
VAR-202007-0428 CVE-2020-14598 Oracle E-Business Suite  of  Oracle CRM Gateway for Mobile Devices  In  Setup of Mobile Applications  Vulnerability CVSS V2: 6.4
CVSS V3: 9.1
Severity: CRITICAL
Vulnerability in the Oracle CRM Gateway for Mobile Devices product of Oracle E-Business Suite (component: Setup of Mobile Applications). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle CRM Gateway for Mobile Devices. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle CRM Gateway for Mobile Devices accessible data as well as unauthorized access to critical data or complete access to all Oracle CRM Gateway for Mobile Devices accessible data. CVSS 3.1 Base Score 9.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N). The software provides functions such as customer relationship management, service management, and financial management. Attackers can use this vulnerability to access, create, delete or modify data without authorization, affecting the confidentiality and integrity of data
VAR-202007-0042 CVE-2020-10044 plural SICAM Vulnerability regarding lack of authentication for critical features in the product CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). An attacker with access to the network could be able to install specially crafted firmware to the device. SICAM MMU, SGU and T contain a vulnerability in the lack of authentication for critical features. Information may be tampered with. SICAM T is a digital measuring sensor that allows the measurement of electricity in non-electrical networks in a single unit. SICAM MMU (Measurement and Monitoring Unit) is a power monitoring device that allows the measurement of electricity in the power grid in a unit. SICAM SGU (discontinued) is a smart grid remote terminal device with the communication capabilities of power companies and utility companies. Siemens SICAM MMU, SGU and T have security vulnerabilities
VAR-202007-1285 CVE-2020-5374 Dell EMC OpenManage Integration for Microsoft System Center for SCCM  and  SCVMM  Vulnerability in Using Hard Coded Credentials CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) for SCCM and SCVMM versions prior to 7.2.1 contain a hard-coded cryptographic key vulnerability. A remote unauthenticated attacker may exploit this vulnerability to gain access to the appliance data for remotely managed devices
VAR-202007-1284 CVE-2020-5373 Dell EMC OpenManage Integration for Microsoft System Center for SCCM  and  SCVMM  Vulnerability regarding lack of authentication for critical features in CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) for SCCM and SCVMM versions prior to 7.2.1 contain an improper authentication vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to retrieve the system inventory data of the managed device. The vulnerability is caused by the program not properly authenticating users
VAR-202007-0396 CVE-2020-14499 Advantech iView  Vulnerability regarding inadequate protection of credentials in CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
Advantech iView, versions 5.6 and prior, has an improper access control vulnerability. Successful exploitation of this vulnerability may allow an attacker to obtain all user accounts credentials. Advantech iView contains an inadequate protection of credentials vulnerability. Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UserServlet class
VAR-202007-1133 CVE-2020-6514 Google Chrome Security hole CVSS V2: 4.3
CVSS V3: 6.5
Severity: MEDIUM
Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream. Google Chrome is a web browser developed by Google. WebRTC is one of the components that supports browsers for real-time voice or video conversations. A security vulnerability exists in WebRTC in versions prior to Google Chrome 84.0.4147.89. An attacker could exploit this vulnerability to bypass security restrictions.

WebRTC: usrsctp is called with pointer as network address

When usrsctp is used with a custom transport, an address must be provided to usrsctp_conninput to be used as the source and destination address of the incoming packet. WebRTC uses the address of the SctpTransport instance for this value. Unfortunately, this value is often transmitted to the peer, for example to validate signing of the cookie. This could allow an attacker access to the location in memory of the SctpTransport of a peer, bypassing ASLR.

To reproduce, place the following code on line 9529 of sctp_output.c. This will output the peer's address to the log:

    /* Fetch the state cookie parameter and log the address fields it carries. */
    struct sctp_state_cookie cookie2;
    struct sctp_state_cookie* cookie3;
    cookie3 = sctp_get_next_param(cookie, 4, &cookie2, sizeof(struct sctp_state_cookie));
    LOGE("COOKIE INITACK ADDRESS %llx laddress %llx", *((long long*)cookie3->address), *((long long*)cookie3->laddress));

Or, view the SCTP packets sent by WebRTC before they are sent to the encryption layer. They are full of pointers.

This bug is subject to a 90 day disclosure deadline. After 90 days elapse, the bug report will become visible to the public. The scheduled disclosure date is 2020-Jul-28. Disclosure at an earlier date is possible if agreed upon by all parties. Related CVE Numbers: CVE-2020-6514. Found by: deadbeef@chromium.org.

Gentoo Linux Security Advisory GLSA 202007-64
https://security.gentoo.org/

Severity: Normal
Title: Mozilla Thunderbird: Multiple vulnerabilities
Date: July 31, 2020
Bugs: #734978
ID: 202007-64

Synopsis
========

Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.

Affected packages
=================

    -------------------------------------------------------------------
     Package                      /  Vulnerable  /  Unaffected
    -------------------------------------------------------------------
      1  mail-client/thunderbird       < 68.11.0      >= 68.11.0
      2  mail-client/thunderbird-bin   < 68.11.0      >= 68.11.0
    -------------------------------------------------------------------
     2 affected packages

Description
===========

Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the CVE identifiers referenced below for details.

Impact
======

Please review the referenced CVE identifiers for details.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Mozilla Thunderbird users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot -v ">=mail-client/thunderbird-68.11.0"

All Mozilla Thunderbird binary users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-68.11.0"

References
==========

[ 1 ] CVE-2020-15652 https://nvd.nist.gov/vuln/detail/CVE-2020-15652
[ 2 ] CVE-2020-15659 https://nvd.nist.gov/vuln/detail/CVE-2020-15659
[ 3 ] CVE-2020-6463 https://nvd.nist.gov/vuln/detail/CVE-2020-6463
[ 4 ] CVE-2020-6514 https://nvd.nist.gov/vuln/detail/CVE-2020-6514
[ 5 ] MFSA-2020-35 https://www.mozilla.org/en-US/security/advisories/mfsa2020-35/

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202007-64

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License
=======

Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5

====================================================================
Red Hat Security Advisory

Synopsis: Important: thunderbird security update
Advisory ID: RHSA-2020:3345-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:3345
Issue date: 2020-08-06
CVE Names: CVE-2020-6463 CVE-2020-6514 CVE-2020-15652 CVE-2020-15659
====================================================================

1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.11.0.

Security Fix(es):

* chromium-browser: Use after free in ANGLE (CVE-2020-6463)
* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)
* Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652)
* Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1840893 - CVE-2020-6463 chromium-browser: Use after free in ANGLE
1857349 - CVE-2020-6514 chromium-browser: Inappropriate implementation in WebRTC
1861570 - CVE-2020-15652 Mozilla: Potential leak of redirect targets when loading scripts in a worker
1861572 - CVE-2020-15659 Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
thunderbird-68.11.0-1.el6_10.src.rpm

i386:
thunderbird-68.11.0-1.el6_10.i686.rpm
thunderbird-debuginfo-68.11.0-1.el6_10.i686.rpm

x86_64:
thunderbird-68.11.0-1.el6_10.x86_64.rpm
thunderbird-debuginfo-68.11.0-1.el6_10.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:
thunderbird-68.11.0-1.el6_10.src.rpm

i386:
thunderbird-68.11.0-1.el6_10.i686.rpm
thunderbird-debuginfo-68.11.0-1.el6_10.i686.rpm

ppc64:
thunderbird-68.11.0-1.el6_10.ppc64.rpm
thunderbird-debuginfo-68.11.0-1.el6_10.ppc64.rpm

s390x:
thunderbird-68.11.0-1.el6_10.s390x.rpm
thunderbird-debuginfo-68.11.0-1.el6_10.s390x.rpm

x86_64:
thunderbird-68.11.0-1.el6_10.x86_64.rpm
thunderbird-debuginfo-68.11.0-1.el6_10.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
thunderbird-68.11.0-1.el6_10.src.rpm

i386:
thunderbird-68.11.0-1.el6_10.i686.rpm
thunderbird-debuginfo-68.11.0-1.el6_10.i686.rpm

x86_64:
thunderbird-68.11.0-1.el6_10.x86_64.rpm
thunderbird-debuginfo-68.11.0-1.el6_10.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-6463
https://access.redhat.com/security/cve/CVE-2020-6514
https://access.redhat.com/security/cve/CVE-2020-15652
https://access.redhat.com/security/cve/CVE-2020-15659
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
Description: Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability
VAR-202007-1472 No CVE UFIDA Network Technology Co., Ltd. UFIDA NC Cloud has unauthorized access vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
NC Cloud is a new generation of cloud ERP products developed by UFIDA using IoT, big data, artificial intelligence and other technologies. Yonyou NC Cloud, from Yonyou Network Technology Co., Ltd., has an unauthorized access vulnerability, which can be exploited by attackers to cause data information leakage.
VAR-202007-1495 No CVE Proficy Machine Edition has a denial of service vulnerability CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
Proficy Machine Edition is a PLC programming software developed by Emerson Trading (Shanghai) Co., Ltd. Proficy Machine Edition has a denial of service vulnerability, which can be exploited by an attacker to cause a denial of service.
VAR-202007-0063 CVE-2020-10986 Tenda AC15 AC1900 cross-site request forgery vulnerability CVSS V2: 7.1
CVSS V3: 6.5
Severity: MEDIUM
A CSRF issue in the /goform/SysToolReboot endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to reboot the device and cause denial of service via a payload hosted by an attacker-controlled web page. Tenda AC15 AC1900 contains a cross-site request forgery vulnerability. The device may be put into a denial-of-service (DoS) state. Tenda AC15 AC1900 is a wireless router from the Chinese company Tenda
VAR-202007-0064 CVE-2020-10987 Tenda AC15 AC1900 Injection vulnerabilities in CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter. Tenda AC15 AC1900 contains an injection vulnerability. Information may be obtained or tampered with, and the device may be put into a denial-of-service (DoS) state. Tenda AC15 AC1900 is a wireless router from the Chinese company Tenda
VAR-202007-0066 CVE-2020-10989 Tenda AC15 AC1900 cross-site scripting vulnerability CVSS V2: 4.3
CVSS V3: 6.1
Severity: MEDIUM
An XSS issue in the /goform/WifiBasicSet endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute malicious payloads via the WifiName POST parameter. Tenda AC15 AC1900 contains a cross-site scripting vulnerability. Information may be obtained and tampered with. Tenda AC15 AC1900 is a wireless router from the Chinese company Tenda
VAR-202007-0065 CVE-2020-10988 Tenda AC15 AC1900 trust management issue vulnerability CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
A hard-coded telnet credential in the tenda_login binary of Tenda AC15 AC1900 version 15.03.05.19 allows unauthenticated remote attackers to start a telnetd service on the device. Tenda AC15 AC1900 contains a vulnerability in the use of hard-coded credentials. Information may be obtained or tampered with, and the device may be put into a denial-of-service (DoS) state. Tenda AC15 AC1900 is a wireless router from the Chinese company Tenda
VAR-202007-1512 No CVE LTE digital cellular mobile communication network MME equipment has a denial of service vulnerability CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
LTE digital cellular mobile communication network MME equipment is an important network element of the LTE core network and is responsible for processing signaling. LTE digital cellular mobile communication network MME equipment has a denial of service vulnerability. An attacker can exploit the vulnerability to cause a denial of service attack.
VAR-202007-1503 No CVE Delta ISPSoft isp project file has memory corruption vulnerability (CNVD-2020-33323) CVSS V2: 4.9
CVSS V3: -
Severity: MEDIUM
ISPSoft is a new generation of Delta PLC programming software. Delta ISPSoft has a memory corruption vulnerability when processing isp project files. An attacker can trick a user who has ISPSoft installed into opening a malicious isp file, thereby triggering the vulnerability and causing the program to deny service.
VAR-202007-1476 No CVE Dahua network keyboard and face integrated host have information disclosure vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
DH-NHB5000 is a new generation full touch network keyboard independently designed and developed by Dahua. Dahua network keyboard and face integrated host have an information leakage vulnerability. Attackers can use the vulnerability to bypass authentication and obtain sensitive information.
VAR-202007-1488 No CVE TPEditor has a memory corruption vulnerability CVSS V2: 4.9
CVSS V3: -
Severity: MEDIUM
TPEditor is the programming software used by the Delta Electronic Programmable Display Series in a Windows environment. TPEditor has a memory corruption vulnerability. An attacker can trick a user who has TPEditor installed into opening a malicious tpe file, thereby triggering the vulnerability and causing the program to deny service.
VAR-202007-0916 CVE-2020-15504 Sophos XG Firewall In SQL Injection vulnerabilities CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
A SQL injection vulnerability in the user and admin web interfaces of Sophos XG Firewall v18.0 MR1 and older potentially allows an attacker to run arbitrary code remotely. The fix is built into the re-release of XG Firewall v18 MR-1 (named MR-1-Build396) and the v17.5 MR13 release. All other versions >= 17.0 have received a hotfix. The product may be put into a denial-of-service (DoS) state. Sophos XG Firewall is a next-generation endpoint protection and enterprise-class firewall product from Sophos, UK. A remote attacker could exploit this vulnerability to execute arbitrary code
VAR-202007-0192 CVE-2020-12025 Rockwell Automation Made Logix Designer Studio 5000 To XML Improper restriction vulnerability in external entity reference CVSS V2: 4.3
CVSS V3: 3.3
Severity: LOW
Rockwell Automation Logix Designer Studio 5000 Versions 32.00, 32.01, and 32.02 are vulnerable to an XML external entity (XXE) vulnerability, which may allow an attacker to view hostnames or other resources from the program. Logix Designer Studio 5000, provided by Rockwell Automation, is management software for control systems for industrial equipment. The product contains an improper restriction of XML external entity reference vulnerability (CWE-611). If an unauthenticated third party creates and loads a specially crafted file, the system host name and resources may be leaked from the product. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of AML files. An attacker can leverage this vulnerability to disclose information in the context of the current process. The vulnerability stems from the program not properly restricting references to XML external entities. Attackers can use the vulnerability to view host names or other resources
VAR-202007-0756 CVE-2020-15001 Yubico YubiKey 5 NFC Information Disclosure Vulnerability CVSS V2: 2.9
CVSS V3: 5.3
Severity: MEDIUM
An information leak was discovered on Yubico YubiKey 5 NFC devices 5.0.0 to 5.2.6 and 5.3.0 to 5.3.1. The OTP application allows a user to set optional access codes on OTP slots. This access code is intended to prevent unauthorized changes to OTP configurations. The access code is not checked when updating NFC specific components of the OTP configurations. This may allow an attacker to access configured OTPs and passwords stored in slots that were not configured by the user to be read over NFC, despite a user having set an access code. (Users who have not set an access code, or who have not configured the OTP slots, are not impacted by this issue.) Yubico YubiKey 5 NFC is a multi-protocol secret key device supporting NFC (Near Field Communication) function from Yubico, Sweden