Vulnerabilities > Sierrawireless

DATE	CVE	VULNERABILITY TITLE	RISK
2020-08-21	CVE-2019-11856	Authentication Bypass by Capture-replay vulnerability in Sierrawireless Aleos A nonce reuse vulnerability exists in the ACEView service of ALEOS before 4.13.0, 4.9.5, and 4.4.9 allowing message replay. network low complexity sierrawireless CWE-294	3.8
2020-08-21	CVE-2019-11855	Unspecified vulnerability in Sierrawireless Aleos An RPC server is enabled by default on the gateway's LAN of ALEOS before 4.12.0, 4.9.5, and 4.4.9. network low complexity sierrawireless critical	9.8
2020-08-21	CVE-2019-11853	Command Injection vulnerability in Sierrawireless Aleos Several potential command injections vulnerabilities exist in the AT command interface of ALEOS before 4.11.0, and 4.9.4. network low complexity sierrawireless CWE-77	7.2
2020-08-21	CVE-2019-11852	Out-of-bounds Read vulnerability in Sierrawireless Aleos An out-of-bounds reads vulnerability exists in the ACEView Service of ALEOS before 4.13.0, 4.9.5, and 4.4.9. network low complexity sierrawireless CWE-125 critical	9.1
2020-08-21	CVE-2019-11850	Out-of-bounds Write vulnerability in Sierrawireless Aleos A stack overflow vulnerabiltity exist in the AT command interface of ALEOS before 4.11.0. local low complexity sierrawireless CWE-787	6.7
2020-08-21	CVE-2019-11849	Out-of-bounds Write vulnerability in Sierrawireless Aleos A stack overflow vulnerabiltity exists in the AT command APIs of ALEOS before 4.11.0. local low complexity sierrawireless CWE-787	6.7
2020-08-21	CVE-2019-11848	Out-of-bounds Write vulnerability in Sierrawireless Aleos An API abuse vulnerability exists in the AT command API of ALEOS before 4.13.0, 4.9.5, 4.4.9 due to lack of length checking when handling certain user-provided values. network low complexity sierrawireless CWE-787	7.2
2020-08-21	CVE-2019-11847	Improper Privilege Management vulnerability in Sierrawireless Aleos An improper privilege management vulnerabitlity exists in ALEOS before 4.11.0, 4.9.4 and 4.4.9. local low complexity sierrawireless CWE-269	7.8
2020-04-15	CVE-2020-8948	Link Following vulnerability in Sierrawireless Mobile Broadband Driver Package The Sierra Wireless Windows Mobile Broadband Driver Packages (MBDP) before build 5043 allows an unprivileged user to overwrite arbitrary files in arbitrary folders using hard links. local low complexity sierrawireless CWE-59	7.8
2019-10-31	CVE-2018-4064	Improper Authentication vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable unverified password change vulnerability exists in the ACEManager upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. network low complexity sierrawireless CWE-287	7.1

Vulnerabilities > Sierrawireless {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Sierrawireless"}]}

Vulnerabilities > Sierrawireless