Aleos Security Vulnerabilities and Issues — Aleos CVE List

Lucene search

SierrawirelessAleos

6 matches found

CVE•added 2022/12/26 10:15 p.m.•62 views

CVE-2019-11851

The ACENet service in Sierra Wireless ALEOS before 4.4.9, 4.5.x through 4.9.x before 4.9.5, and 4.10.x through 4.13.x before 4.14.0 allows remote attackers to execute arbitrary code via a buffer overflow.

9.8CVSS9.7AI score0.0002EPSS

CVE•added 2020/08/21 7:15 p.m.•50 views

CVE-2019-11859

A buffer overflow exists in the SMS handler API of ALEOS before 4.13.0, 4.9.5, 4.9.4 that may allow code execution as root.

9CVSS7.8AI score0.0002EPSS

CVE•added 2020/08/21 7:15 p.m.•48 views

CVE-2019-11852

An out-of-bounds reads vulnerability exists in the ACEView Service of ALEOS before 4.13.0, 4.9.5, and 4.4.9. Sensitive information may be disclosed via the ACEviewservice, accessible by default on the LAN.

9.1CVSS6.5AI score0.00019EPSS

CVE•added 2020/08/21 7:15 p.m.•47 views

CVE-2019-11857

Lack of input sanitization in AceManager of ALEOS before 4.12.0, 4.9.5 and 4.4.9 allows disclosure of sensitive system information.

9.1CVSS5.5AI score0.00013EPSS

CVE•added 2020/08/21 7:15 p.m.•42 views

CVE-2019-11855

An RPC server is enabled by default on the gateway's LAN of ALEOS before 4.12.0, 4.9.5, and 4.4.9.

9.8CVSS9.1AI score0.00019EPSS

CVE•added 2020/10/06 2:15 p.m.•37 views

CVE-2020-8782

Unauthenticated RPC server on ALEOS before 4.4.9, 4.9.5, and 4.14.0 allows remote code execution.

9.8CVSS9.1AI score0.06974EPSS