Embedded System Vulnerabilities
A focused list of vulnerabilities relevant to embedded and IoT devices.
| CVE ID | Description | Severity | Published | Type |
|---|---|---|---|---|
| CVE-2020-7487 | A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow the attacker to execut… | Critical (9.8) | 2020-04-22 | Environment Specific |
| CVE-2019-6859 | A CWE-798: Use of Hardcoded Credentials vulnerability exists in Modicon Controllers (All versions of the following CPUs… | High (7.5) | 2020-04-22 | Environment Specific |
| CVE-2018-21130 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects WAC505 before 5.… | High (8.8) | 2020-04-22 | Environment Specific |
| CVE-2018-21129 | Certain NETGEAR devices are affected by disclosure of sensitive information. This affects WAC505 before 5.0.0.17 and WA… | Medium (6.5) | 2020-04-22 | Environment Specific |
| CVE-2018-21128 | Certain NETGEAR devices are affected by authentication bypass. This affects WAC505 before 5.0.0.17 and WAC510 before 5.… | High (8.8) | 2020-04-22 | Environment Specific |