Vulnerabilities > Sierrawireless > Aleos > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-21 | CVE-2019-11853 | Command Injection vulnerability in Sierrawireless Aleos Several potential command injections vulnerabilities exist in the AT command interface of ALEOS before 4.11.0, and 4.9.4. | 7.2 |
| 2020-08-21 | CVE-2019-11848 | Out-of-bounds Write vulnerability in Sierrawireless Aleos An API abuse vulnerability exists in the AT command API of ALEOS before 4.13.0, 4.9.5, 4.4.9 due to lack of length checking when handling certain user-provided values. | 7.2 |
| 2020-08-21 | CVE-2019-11847 | Improper Privilege Management vulnerability in Sierrawireless Aleos An improper privilege management vulnerabitlity exists in ALEOS before 4.11.0, 4.9.4 and 4.4.9. | 7.8 |