Shodan
Vulnerabilities
Vulnerable Software
Microchip:  Security Vulnerabilities
CVE-2020-12788
CMAC verification functionality in Microchip Atmel ATSAMA5 products is vulnerable to vulnerable to timing and power analysis attacks.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-09-14
CVE-2020-12789
The Secure Monitor in Microchip Atmel ATSAMA5 products use a hardcoded key to encrypt and authenticate secure applets.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-09-14
CVE-2020-9028
Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow stored XSS via the newUserName parameter on the "User Creation, Deletion and Password Maintenance" screen (when creating a new user).
CVSS Score
6.1
EPSS Score
0.003
Published
2020-02-17
CVE-2020-9029
Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to messagelog.php.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-02-17
CVE-2020-9030
Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to the syslog.php.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-02-17
CVE-2020-9031
Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to daemonlog.php.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-02-17
CVE-2020-9032
Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to kernlog.php.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-02-17
CVE-2020-9033
Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to authlog.php.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-02-17
CVE-2020-9034
Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices mishandle session validation, leading to unauthenticated creation, modification, or elimination of users.
CVSS Score
7.5
EPSS Score
0.007
Published
2020-02-17
CVE-2019-19195
The Bluetooth Low Energy implementation on Microchip Technology BluSDK Smart through 6.2 for ATSAMB11 devices does not properly restrict link-layer data length on reception, allowing attackers in radio range to cause a denial of service (crash) via a crafted packet.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-02-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved