Embedded System Vulnerabilities
A focused list of vulnerabilities relevant to embedded and IoT devices.
| CVE ID | Description | Severity | Published | Type |
|---|---|---|---|---|
| CVE-2020-9024 | Iteris Vantage Velocity Field Unit 2.3.1 and 2.4.2 devices have world-writable permissions for the /root/cleardata.pl (… | Critical (9.8) | 2020-02-17 | Environment Specific |
| CVE-2020-9023 | Iteris Vantage Velocity Field Unit 2.3.1 and 2.4.2 devices have two users that are not documented and are configured wi… | Critical (9.8) | 2020-02-17 | Environment Specific |
| CVE-2020-9022 | An issue was discovered on Xirrus XR520, XR620, XR2436, and XH2-120 devices. The cgi-bin/ViewPage.cgi user parameter al… | Medium (6.1) | 2020-02-17 | Environment Specific |
| CVE-2020-9021 | Post Oak AWAM Bluetooth Field Device 7400v2.08.21.2018, 7800SD.2015.1.16, 2011.3, 7400v2.02.01.2019, and 7800SD.2012.12… | Critical (9.8) | 2020-02-17 | Environment Specific |
| CVE-2020-9020 | Iteris Vantage Velocity Field Unit 2.3.1, 2.4.2, and 3.0 devices allow the injection of OS commands into cgi-bin/timeco… | Critical (9.8) | 2020-02-17 | Environment Specific |