Embedded System Vulnerabilities
A focused list of vulnerabilities relevant to embedded and IoT devices.
| CVE ID | Description | Severity | Published | Type |
|---|---|---|---|---|
| CVE-2020-5204 | In uftpd before 2.11, there is a buffer overflow vulnerability in handle_PORT in ftpcmd.c that is caused by a buffer th… | Medium (6.5) | 2020-01-06 | Environment Specific |
| CVE-2019-16274 | DTEN D5 before 1.3 and D7 before 1.3 devices transfer customer data files via unencrypted HTTP. | High (7.5) | 2020-01-06 | Environment Specific |
| CVE-2019-16273 | DTEN D5 and D7 before 1.3.4 devices allow unauthenticated root shell access through Android Debug Bridge (adb), leading… | Critical (9.8) | 2020-01-06 | Environment Specific |
| CVE-2019-16272 | On DTEN D5 and D7 before 1.3.4 devices, factory settings allows for firmware reflash and Android Debug Bridge (adb) ena… | Critical (9.8) | 2020-01-06 | Environment Specific |
| CVE-2019-9472 | In DCRYPTO_equals of compare.c, there is a possible timing attack due to improperly used crypto. This could lead to loc… | Medium (5.5) | 2020-01-06 | Environment Specific |