Sierrawireless : Security Vulnerabilities, CVEs, (Overflow)

CVE-2023-40465

Several versions of ALEOS, including ALEOS 4.16.0, include an opensource third-party component which can be exploited from the local area network, resulting in a Denial of Service condition for the captive portal.
Max CVSS
8.3
EPSS Score
0.04%
Published
2023-12-04
Updated
2023-12-08

CVE-2019-11859

A buffer overflow exists in the SMS handler API of ALEOS before 4.13.0, 4.9.5, 4.9.4 that may allow code execution as root.
Max CVSS
9.0
EPSS Score
0.11%
Published
2020-08-21
Updated
2022-02-09

CVE-2019-11858

Multiple buffer overflow vulnerabilities exist in the AceManager Web API of ALEOS before 4.13.0, 4.9.5, and 4.4.9.
Max CVSS
7.2
EPSS Score
0.11%
Published
2020-08-21
Updated
2022-02-09

CVE-2019-11851

The ACENet service in Sierra Wireless ALEOS before 4.4.9, 4.5.x through 4.9.x before 4.9.5, and 4.10.x through 4.13.x before 4.14.0 allows remote attackers to execute arbitrary code via a buffer overflow.
Max CVSS
9.8
EPSS Score
0.64%
Published
2022-12-26
Updated
2023-01-06
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close