8 matches found
Microsoft Azure IoT CLI Authorization Issues Vulnerability
Microsoft Azure IoT is a centralized managed service from Microsoft Corporation USA. for bi-directional communication between IoT applications and their managed devices. An authorization issue vulnerability exists in the Microsoft Azure IoT CLI. The following products and versions are affected:...
Microsoft Azure IoT Java SDK CVE-2019-0741 Information Disclosure Vulnerability
Description Microsoft Azure IoT Java SDK is prone to an information disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Java SDK for Azure IoT Recommendations Run all software as a...
Microsoft Azure IoT Java SDK CVE-2019-0729 Remote Privilege Escalation Vulnerability
Description Microsoft Azure IoT Java SDK is prone to a remote privilege-escalation vulnerability because it fails to properly sanitize user-supplied input. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microso...
Microsoft Azure IoT Device Client SDK Remote Memory Corruption Vulnerability
Microsoft C SDK for Azure IoT is a C-based software development kit for developing Azure IoT Internet of Things platform applications from Microsoft. A remote memory corruption vulnerability exists in the Microsoft Azure IoT Device Client SDK. An attacker can exploit this vulnerability to execute...
Microsoft Azure IoT Device Client SDK CVE-2018-8531 Remote Memory Corruption Vulnerability
Description Microsoft Azure IoT Device Client SDK is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsof...
Server Spoofing
Microsoft.Azure.IoTHub.IoTHubClient is vulnerable to server spoofing. The library does not enforce HTTP certificates properly, allowing a malicious user conducting a Man-in-the-Middle MitM attack to impersonate the server...
Microsoft Azure IoT SDK CVE-2018-8479 Spoofing Vulnerability
Description Microsoft Azure IoT SDK is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. Successful exploits may allow attackers to perform man-in-the-middle attacks or impersonate server, which will aid in further attacks. Technologies Affected Microsoft C S...
Multiple Microsoft Azure IoT SDKs CVE-2018-8119 Man in the Middle Spoofing Vulnerability
Description Multiple Microsoft Azure IoT SDKs are prone to a security vulnerability that may allow attackers to conduct spoofing attacks. A man-in-the-middle attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies...