CVE-2020-10639 – Eaton HMiSoft VU3 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-10639
Affects Eaton HMiSoft VU3, Version 3.00.23 and prior. The HMIVU3 runtime and the HMIVU runtimes are not impacted by these issues. A specially crafted input file could cause a buffer overflow when loaded by the affected product. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Eaton HMiSoft.
• https://www.us-cert.gov/ics/advisories/icsa-20-105-01
• CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
• CWE-121: Stack-based Buffer Overflow
CVE-2020-10637 – Eaton HMiSoft VU3 File Parsing wTextLen Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-10637
Affects Eaton HMiSoft VU3, Version 3.00.23 and prior. The HMIVU3 runtime and the HMIVU runtimes are not impacted by these issues. A specially crafted input file could trigger an out-of-bounds read when loaded by the affected product. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Eaton HMiSoft.
• https://www.us-cert.gov/ics/advisories/icsa-20-105-01
• CWE-125: Out-of-bounds Read
CVE-2020-6650 – Arbitrary code execution through “Update Manager” Class
https://notcve.org/view.php?id=CVE-2020-6650
UPS companion software v1.05 and prior is affected by an "Eval Injection" vulnerability. The software does not neutralize, or incorrectly neutralizes, code syntax before using the input in a dynamic evaluation call (e.g. "eval") in the "Update Manager" class when the software checks whether updates are available. This results in arbitrary code execution on the machine where the software is installed.
• https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/eaton-vulnerability-advisory-UPS-companion-software.pdf
• CWE-94: Improper Control of Generation of Code ('Code Injection')
• CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
CVE-2020-7915
https://notcve.org/view.php?id=CVE-2020-7915
An issue was discovered on Eaton 5P 850 devices. The Ubicacion SAI field allows XSS attacks by an administrator.
• https://sku11army.blogspot.com/2020/01/eaton-authenticated-stored-cross-site.html
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2019-5625 – Eaton Halo Home Android App Insecure Storage
https://notcve.org/view.php?id=CVE-2019-5625
The Android mobile application Halo Home before 1.11.0 stores OAuth authentication and refresh access tokens in a clear text file. This file persists until the user logs out of the application and reboots the device. This vulnerability can allow an attacker to impersonate the legitimate user by reusing the stored OAuth token, thus allowing them to view and change the user's personal information stored in the backend cloud service. The attacker would first need to gain physical control of the Android device or compromise it with a malicious app.
• https://blog.rapid7.com/2019/05/21/investigating-the-plumbing-of-the-iot-ecosystem-r7-2018-65-r7-2019-07-fixed
• https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/CVE-2019-5625-Halo-home-smart-lighting-vulnerability-advisory.pdf
• CWE-522: Insufficiently Protected Credentials
• CWE-922: Insecure Storage of Sensitive Information