VARIoT IoT vulnerabilities database

VAR-201912-1713 | CVE-2019-0166 | Intel(R) AMT Input validation vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
Insufficient input validation in the subsystem for Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable information disclosure via network access. Intel(R) AMT contains an input validation vulnerability. Information may be obtained. Intel Active Management Technology (AMT) is a set of hardware-based computer remote active management technology software developed by Intel Corporation. An input validation error vulnerability exists in Intel Active Management Technology due to insufficient input validation. A local attacker could exploit this vulnerability to obtain sensitive information. The following products and versions are affected: Intel Active Management Technology versions prior to 11.8.70, versions prior to 11.11.70, versions prior to 11.22.70, and versions prior to 12.0.45.
VAR-201912-1714 | CVE-2019-0168 | Intel(R) CSME and TXE Input validation vulnerability |
CVSS V2: 2.1 CVSS V3: 4.4 Severity: MEDIUM |
Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45 and 13.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access. Intel(R) CSME and TXE contain an input validation vulnerability. Information may be obtained. Both Intel Converged Security and Management Engine (CSME) and Intel TXE are products of Intel Corporation of the United States. Intel Converged Security and Management Engine is a security management engine. Intel TXE is a trusted execution engine with a hardware authentication function, used in CPUs (central processing units). A security vulnerability exists in the subsystems in Intel CSME and TXE. A local attacker could exploit this vulnerability to disclose information. The following products and versions are affected: Intel CSME before 11.8.70, before 12.0.45, before 13.0.10; Intel TXE before 3.1.70, before 4.0.20.
VAR-201912-1715 | CVE-2019-0169 | Intel(R) CSME and TXE Out-of-bounds write vulnerability |
CVSS V2: 5.8 CVSS V3: 8.8 Severity: HIGH |
Heap overflow in subsystem in Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an unauthenticated user to potentially enable escalation of privileges, information disclosure or denial of service via adjacent access. Intel(R) CSME and TXE contain an out-of-bounds write vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Both Intel Converged Security and Management Engine (CSME) and Intel TXE are products of Intel Corporation of the United States. Intel Converged Security and Management Engine is a security management engine. Intel TXE is a trusted execution engine with a hardware authentication function, used in CPUs (central processing units). Buffer error vulnerabilities exist in subsystems in Intel CSME and Intel TXE. Attackers can exploit this vulnerability to elevate privileges, leak information or cause denial of service. The following products and versions are affected: Intel CSME before 11.8.70, before 11.11.70, before 11.22.70, before 12.0.45; Intel TXE before 3.1.70, before 4.0.20.
VAR-201912-1761 | CVE-2019-11087 | Intel(R) CSME and TXE Input validation vulnerability |
CVSS V2: 4.6 CVSS V3: 6.7 Severity: MEDIUM |
Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege, information disclosure or denial of service via local access. Intel(R) CSME and TXE contain an input validation vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Both Intel Converged Security and Management Engine (CSME) and Intel TXE are products of Intel Corporation of the United States. Intel Converged Security and Management Engine is a security management engine. Intel TXE is a trusted execution engine with a hardware authentication function, used in CPUs (central processing units). A security vulnerability exists in a subsystem in Intel CSME and Intel TXE due to insufficient input validation. A local attacker could exploit this vulnerability to elevate privileges, disclose information or cause a denial of service. The following products and versions are affected: Intel CSME before 11.8.70, before 11.11.70, before 11.22.70, before 12.0.45, before 13.0.10, before 14.0.10; Intel TXE before 3.1.70, before 4.0.20.
VAR-201912-1762 | CVE-2019-11088 | Intel(R) AMT Input validation vulnerability |
CVSS V2: 5.8 CVSS V3: 8.8 Severity: HIGH |
Insufficient input validation in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. Intel(R) AMT contains an input validation vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS).
VAR-201912-1815 | CVE-2019-11100 | Intel(R) AMT Input validation vulnerability |
CVSS V2: 2.1 CVSS V3: 4.6 Severity: MEDIUM |
Insufficient input validation in the subsystem for Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable information disclosure via physical access. Intel(R) AMT contains an input validation vulnerability. Information may be obtained. Intel Active Management Technology (AMT) is a set of hardware-based computer remote active management technology software developed by Intel Corporation. An attacker in physical proximity could exploit this vulnerability to disclose information. The following products and versions are affected: Intel AMT versions prior to 11.8.70, versions prior to 11.11.70, versions prior to 11.22.70, and versions prior to 12.0.45.
VAR-201912-1816 | CVE-2019-11101 | Intel(R) CSME and Intel(R) TXE Input validation vulnerability |
CVSS V2: 2.1 CVSS V3: 4.4 Severity: MEDIUM |
Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access. Intel(R) CSME and Intel(R) TXE contain an input validation vulnerability. Information may be obtained. Both Intel Converged Security and Management Engine (CSME) and Intel TXE are products of Intel Corporation of the United States. Intel Converged Security and Management Engine is a security management engine. Intel TXE is a trusted execution engine with a hardware authentication function, used in CPUs (central processing units). A security vulnerability exists in subsystems in Intel CSME and Intel TXE due to insufficient input validation. A local attacker could exploit this vulnerability to disclose information. The following products and versions are affected: Intel CSME before 11.8.70, before 11.11.70, before 11.22.70, before 12.0.45, before 13.0.10, before 14.0.10; Intel TXE before 3.1.70, before 4.0.20.
VAR-201912-1818 | CVE-2019-11103 | Intel(R) CSME Input validation vulnerability |
CVSS V2: 4.6 CVSS V3: 7.8 Severity: HIGH |
Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45, 13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access. Intel(R) CSME contains an input validation vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Intel Converged Security and Management Engine (CSME) is a security management engine of Intel Corporation. A local attacker could exploit this vulnerability to elevate privileges.
VAR-201912-1820 | CVE-2019-11105 | Intel(R) CSME Privilege management vulnerability |
CVSS V2: 4.6 CVSS V3: 6.7 Severity: MEDIUM |
Logic issue in subsystem for Intel(R) CSME before versions 12.0.45, 13.0.10 and 14.0.10 may allow a privileged user to potentially enable escalation of privilege and information disclosure via local access. Intel(R) CSME contains a privilege management vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Intel Converged Security and Management Engine (CSME) is a security management engine of Intel Corporation. Security vulnerabilities exist in subsystems in Intel CSME versions prior to 12.0.45, versions prior to 13.0.10, and versions prior to 14.0.10. A local attacker could exploit this vulnerability to elevate privileges and leak information.
VAR-201912-1822 | CVE-2019-11107 | Intel(R) AMT Input validation vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Insufficient input validation in the subsystem for Intel(R) AMT before version 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via network access. Intel(R) AMT contains an input validation vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Intel Active Management Technology (AMT) is a set of hardware-based computer remote active management technology software developed by Intel Corporation. An attacker could exploit this vulnerability to elevate privileges.
VAR-201912-1823 | CVE-2019-11131 | Intel(R) AMT Privilege management vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Logic issue in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via network access. Intel(R) AMT contains a privilege management vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Intel Active Management Technology (AMT) is a set of hardware-based computer remote active management technology software developed by Intel Corporation. A subsystem in Intel AMT has a security vulnerability. An attacker could exploit this vulnerability to elevate privileges. The following products and versions are affected: Intel AMT versions prior to 11.8.70, versions prior to 11.11.70, versions prior to 11.22.70, and versions prior to 12.0.45.
VAR-201911-1781 | No CVE | Authentication Bypass Vulnerability in SIEMENS SIMATIC S7-200 Smart PLC |
CVSS V2: 6.6 CVSS V3: - Severity: MEDIUM |
Siemens is a leading global technology company. With innovations in the areas of electrification, automation and digitalization, Siemens provides solutions for customers in the fields of power generation and transmission and distribution, infrastructure, industrial automation, drives and software.
SIEMENS SIMATIC S7-200 Smart PLC has an authentication bypass vulnerability. An attacker can bypass the identity authentication by falsifying data to arbitrarily alter the value of the PLC register.
VAR-201911-1782 | No CVE | Denial of Service Vulnerability in Siemens STEP 7-MicroWIN SMART |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
Siemens is a leading global technology company. With innovations in the areas of electrification, automation and digitalization, Siemens provides solutions for customers in the fields of power generation and transmission and distribution, infrastructure, industrial automation, drives and software.
Siemens STEP 7-MicroWIN SMART has a denial of service vulnerability that could be exploited by an attacker to cause the server to deny service.
VAR-201911-1639 | CVE-2019-0148 | Intel(R) Ethernet 700 Series Controller Resource exhaustion vulnerability |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access. Intel(R) Ethernet 700 Series Controller contains a resource exhaustion vulnerability. A denial of service (DoS) condition may result. Intel Ethernet 700 Series Controllers is a network adapter product from Intel Corporation. An attacker could exploit this vulnerability to cause a denial of service. This vulnerability stems from improper management of system resources (such as memory, disk space, files, etc.) by network systems or products.
==========================================================================
Ubuntu Security Notice USN-4681-1
January 06, 2021
linux, linux-aws, linux-kvm, linux-lts-xenial, linux-raspi2,
linux-snapdragon vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
- Ubuntu 14.04 ESM
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-kvm: Linux kernel for cloud environments
- linux-raspi2: Linux kernel for Raspberry Pi (V8) systems
- linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors
- linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty
Details:
Ryan Hall discovered that the Intel 700 Series Ethernet Controllers driver
in the Linux kernel did not properly deallocate memory in some conditions. (CVE-2019-0148)
It was discovered that the console keyboard driver in the Linux kernel
contained a race condition. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2020-25656)
Minh Yuan discovered that the tty driver in the Linux kernel contained race
conditions when handling fonts. A local attacker could possibly use this to
expose sensitive information (kernel memory). (CVE-2020-25668)
Jinoh Kang discovered that the Xen event channel infrastructure in the
Linux kernel contained a race condition.
(CVE-2020-27675)
Minh Yuan discovered that the framebuffer console driver in the Linux
kernel did not properly handle fonts in some conditions. (CVE-2020-28974)
It was discovered that Power 9 processors could be coerced to expose
information from the L1 cache in certain situations. A local attacker could
use this to expose sensitive information. (CVE-2020-4788)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS:
linux-image-4.4.0-1085-kvm 4.4.0-1085.94
linux-image-4.4.0-1119-aws 4.4.0-1119.133
linux-image-4.4.0-1143-raspi2 4.4.0-1143.153
linux-image-4.4.0-1147-snapdragon 4.4.0-1147.157
linux-image-4.4.0-198-generic 4.4.0-198.230
linux-image-4.4.0-198-generic-lpae 4.4.0-198.230
linux-image-4.4.0-198-lowlatency 4.4.0-198.230
linux-image-4.4.0-198-powerpc-e500mc 4.4.0-198.230
linux-image-4.4.0-198-powerpc-smp 4.4.0-198.230
linux-image-4.4.0-198-powerpc64-emb 4.4.0-198.230
linux-image-4.4.0-198-powerpc64-smp 4.4.0-198.230
linux-image-aws 4.4.0.1119.124
linux-image-generic 4.4.0.198.204
linux-image-generic-lpae 4.4.0.198.204
linux-image-kvm 4.4.0.1085.83
linux-image-lowlatency 4.4.0.198.204
linux-image-powerpc-e500mc 4.4.0.198.204
linux-image-powerpc-smp 4.4.0.198.204
linux-image-powerpc64-emb 4.4.0.198.204
linux-image-powerpc64-smp 4.4.0.198.204
linux-image-raspi2 4.4.0.1143.143
linux-image-snapdragon 4.4.0.1147.139
linux-image-virtual 4.4.0.198.204
Ubuntu 14.04 ESM:
linux-image-4.4.0-1083-aws 4.4.0-1083.87
linux-image-4.4.0-198-generic 4.4.0-198.230~14.04.1
linux-image-4.4.0-198-generic-lpae 4.4.0-198.230~14.04.1
linux-image-4.4.0-198-lowlatency 4.4.0-198.230~14.04.1
linux-image-4.4.0-198-powerpc-e500mc 4.4.0-198.230~14.04.1
linux-image-4.4.0-198-powerpc-smp 4.4.0-198.230~14.04.1
linux-image-4.4.0-198-powerpc64-emb 4.4.0-198.230~14.04.1
linux-image-4.4.0-198-powerpc64-smp 4.4.0-198.230~14.04.1
linux-image-aws 4.4.0.1083.80
linux-image-generic-lpae-lts-xenial 4.4.0.198.173
linux-image-generic-lts-xenial 4.4.0.198.173
linux-image-lowlatency-lts-xenial 4.4.0.198.173
linux-image-powerpc-e500mc-lts-xenial 4.4.0.198.173
linux-image-powerpc-smp-lts-xenial 4.4.0.198.173
linux-image-powerpc64-emb-lts-xenial 4.4.0.198.173
linux-image-powerpc64-smp-lts-xenial 4.4.0.198.173
linux-image-virtual-lts-xenial 4.4.0.198.173
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://usn.ubuntu.com/4681-1
CVE-2019-0148, CVE-2020-25656, CVE-2020-25668, CVE-2020-27675,
CVE-2020-28974, CVE-2020-4788
Package Information:
https://launchpad.net/ubuntu/+source/linux/4.4.0-198.230
https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1119.133
https://launchpad.net/ubuntu/+source/linux-kvm/4.4.0-1085.94
https://launchpad.net/ubuntu/+source/linux-raspi2/4.4.0-1143.153
https://launchpad.net/ubuntu/+source/linux-snapdragon/4.4.0-1147.157
VAR-201911-0279 | CVE-2019-6170 | Input validation vulnerability in multiple Lenovo ThinkPad products |
CVSS V2: 4.4 CVSS V3: 6.4 Severity: MEDIUM |
A potential vulnerability in the SMI callback function used in the Legacy USB driver using boot services structure in runtime phase in some Lenovo ThinkPad models may allow arbitrary code execution. Multiple Lenovo ThinkPad products contain an input validation vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Lenovo 510 15IKL, etc. are all products of Lenovo of China. Lenovo 510 15IKL is a desktop computer. IdeaCentre 300-20ISH is a computer integrated device. IdeaCentre 510-15ICB is a computer all-in-one device.
Input validation error vulnerabilities exist in many Lenovo ThinkPad products. Attackers can use this vulnerability to execute arbitrary code.
VAR-201911-1632 | CVE-2019-0140 | Intel(R) Ethernet 700 Series Controller Classic buffer overflow vulnerability |
CVSS V2: 5.8 CVSS V3: 8.8 Severity: HIGH |
Buffer overflow in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allow an unauthenticated user to potentially enable an escalation of privilege via an adjacent access. Intel(R) Ethernet 700 Series Controller contains a classic buffer overflow vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Intel Ethernet 700 Series Controllers is a network adapter product from Intel Corporation. An attacker could use this vulnerability to achieve privilege elevation.
VAR-201911-1637 | CVE-2019-0146 | Intel(R) Ethernet 700 Series Controller Resource exhaustion vulnerability |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may allow an authenticated user to potentially enable a denial of service via local access. Intel(R) Ethernet 700 Series Controller contains a resource exhaustion vulnerability. Service operation may be disrupted (DoS). Intel Ethernet 700 Series Controllers are network adapter products from Intel Corporation. An attacker could exploit the vulnerability to cause a denial of service. This vulnerability stems from improper management of system resources (such as memory, disk space, files, etc.) by network systems or products.
VAR-201911-1640 | CVE-2019-0149 | Intel(R) Ethernet 700 Series Controller Input validation vulnerability |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may allow an authenticated user to potentially enable a denial of service via local access. Intel(R) Ethernet 700 Series Controller contains an input validation vulnerability. Service operation may be disrupted (DoS). Intel Ethernet 700 Series Controllers are network adapter products from Intel Corporation. The vulnerability stems from insufficient input validation for the i40e driver. An attacker could exploit the vulnerability to cause a denial of service.
VAR-201911-1636 | CVE-2019-0145 | Intel(R) Ethernet 700 Series Controller Classic buffer overflow vulnerability |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable an escalation of privilege via local access. Intel Ethernet 700 Series Controllers is a network adapter product from Intel Corporation. An attacker could use this vulnerability to achieve privilege elevation.
VAR-201911-0277 | CVE-2019-6188 | Incorrect authentication vulnerabilities in multiple Lenovo products |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
The BIOS tamper detection mechanism was not triggered in Lenovo ThinkPad T460p, BIOS versions up to R07ET90W, and T470p, BIOS versions up to R0FET50W, which may allow for unauthorized access. Multiple Lenovo products contain an incorrect authentication vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Lenovo ThinkPad T460p and Lenovo ThinkPad T470p are both notebook computers from Lenovo of China.
There is a security vulnerability in Lenovo ThinkPad T460p and T470p. The vulnerability stems from the program's failure to trigger a BIOS tamper check mechanism. Attackers can use this vulnerability to gain unauthorized access.