Vendor
ALEOS
Products
1
CVEs
3
Across products
3
Status
Private
Products
1- 3 CVEs
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-11847 | Hig | 0.47 | 7.3 | 0.00 | Aug 21, 2020 | An improper privilege management vulnerabitlity exists in ALEOS before 4.11.0, 4.9.4 and 4.4.9. An authenticated user can escalate to root via the command shell. | ||
| CVE-2019-11859 | Med | 0.39 | 6.0 | 0.02 | Aug 21, 2020 | A buffer overflow exists in the SMS handler API of ALEOS before 4.13.0, 4.9.5, 4.9.4 that may allow code execution as root. | ||
| CVE-2019-11856 | Low | 0.22 | 3.3 | 0.01 | Aug 21, 2020 | A nonce reuse vulnerability exists in the ACEView service of ALEOS before 4.13.0, 4.9.5, and 4.4.9 allowing message replay. Captured traffic to the ACEView service can be replayed to other gateways sharing the same credentials. |
- risk 0.47cvss 7.3epss 0.00
An improper privilege management vulnerabitlity exists in ALEOS before 4.11.0, 4.9.4 and 4.4.9. An authenticated user can escalate to root via the command shell.
- risk 0.39cvss 6.0epss 0.02
A buffer overflow exists in the SMS handler API of ALEOS before 4.13.0, 4.9.5, 4.9.4 that may allow code execution as root.
- risk 0.22cvss 3.3epss 0.01
A nonce reuse vulnerability exists in the ACEView service of ALEOS before 4.13.0, 4.9.5, and 4.4.9 allowing message replay. Captured traffic to the ACEView service can be replayed to other gateways sharing the same credentials.