Embedded System Vulnerabilities
A focused list of vulnerabilities relevant to embedded and IoT devices.
| CVE ID | Description | Severity | Published | Type |
|---|---|---|---|---|
| CVE-2020-8960 | Western Digital mycloud.com before Web Version 2.2.0-134 allows XSS. | Medium (6.1) | 2020-02-20 | Environment Specific |
| CVE-2020-9015 | Arista DCS-7050QX-32S-R 4.20.9M, DCS-7050CX3-32S-R 4.20.11M, and DCS-7280SRAM-48C6-R 4.22.0.1F devices (and possibly ot… | Critical (9.8) | 2020-02-20 | Environment Specific |
| CVE-2020-8990 | Western Digital My Cloud Home before 3.6.0 and ibi before 3.6.0 allow Session Fixation. | Critical (9.1) | 2020-02-20 | Environment Specific |
| CVE-2019-11189 | Authentication Bypass by Spoofing in org.onosproject.acl (access control) and org.onosproject.mobility (host mobility) … | High (7.5) | 2020-02-20 | Environment Specific |
| CVE-2020-6977 | A restricted desktop environment escape vulnerability exists in the Kiosk Mode functionality of affected devices. Speci… | Medium (6.8) | 2020-02-20 | Environment Specific |