lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 7 Jun 2019 15:04:24 GMT
From: stevesim84@...il.com
To: bugtraq@...urityfocus.com
Subject: Newly releases IoT security issues

Two repositories containing security issues against various kinds of IoT devices ranging from consumer electronics such as smart routers, smart home controllers, smart IP cameras to IIoT used tools as well as routers seem to have been released.


One of them is identified by Samuel Huntley and it is in Moxa IIoT router -- https://github.com/samuelhuntley/Moxa_AWK_1121


The other one is identified by Mandar Satam who works in the security field and specializes in IoT security arena. The details of CVEs released by him are in

https://github.com/ethanhunnt/IoT_vulnerabilities


Overall there are 68 CVE issues identified in these documents. Also in addition, to those there are other security issues related to the same devices and their cloud or mobile applications that have not been provided with CVE ids.


    Vera -- CVE-2017-9388, CVE-2017-9384,CVE-2017-9381, CVE-2017-9390, CVE-2017-9387, CVE-2017-9389, CVE-2017-9386, CVE-2017-9385, CVE-2017-9383, CVE-2017-9382, CVE-2017-9391, CVE-2017-9392

    Starry -- CVE-2017-13718, CVE-2017-13717

    Shekar -- CVE-2017-10721, CVE-2017-10719, CVE-2017-10718, CVE-2017-10723, CVE-2017-10724, CVE-2017-10722, CVE-2017-10720

    Securifi -- CVE-2017-8336, CVE-2017-8335, CVE-2017-8329, CVE-2017-8333, CVE-2017-8331, CVE-2017-8328, CVE-2017-8334, CVE-2017-8332, CVE-2017-8330, CVE-2017-8337

    Dlink -- CVE-2017-8408, CVE-2017-8411, CVE-2017-8404, CVE-2017-8407, CVE-2017-8406, CVE-2017-8409, CVE-2017-8405, CVE-2017-8410, CVE-2017-8414, CVE-2017-8417, CVE-2017-8412, CVE-2017-8415, CVE-2017-8413, CVE-2017-8416

    Blipcare -- CVE-2017-11578, CVE-2017-11579, CVE-2017-11580

    Amcrest -- CVE-2017-8229, CVE-2017-8226, CVE-2017-8226, CVE-2017-8227, CVE-2017-8228, CVE-2017-13719


Up until above released on https://github.com/ethanhunnt/IoT_vulnerabilities


8. Moxa -- CVE-2018-10690, CVE-2018-10691, CVE-2018-10692, CVE-2018-10693, CVE-2018-10694, CVE-2018-10695, CVE-2018-10696, CVE-2018-10697, CVE-2018-10698, CVE-2018-10699, CVE-2018-10700, CVE-2018-10701, CVE-2018-10702, CVE-2018-10703


Up until above released on https://github.com/samuelhuntley/Moxa_AWK_1121


#IoT #IIoT #Security #Vulnerabilities #InsecureIoT #1-dayexploits

Powered by blists - more mailing lists