This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Top IoT Vulnerabilities"
From OWASP
Craig Smith (talk | contribs) (Created page with "= Top IoT Vulnerabilities = The top IoT vulnerabilities (DRAFT) are as follow: {| border="1" class="wikitable" style="text-align: left" ! Vulnerability ! Attack Surface ! Su...") |
Craig Smith (talk | contribs) |
||
(5 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | = | + | <center>[https://www.owasp.org/index.php/OWASP_Internet_of_Things_Project#tab=IoT_Vulnerabilities Back To IoT Vulnerabilities Project]</center> |
− | The | + | The OWASP Top 10 IoT Vulnerabilities from 2014 are as follows: |
{| border="1" class="wikitable" style="text-align: left" | {| border="1" class="wikitable" style="text-align: left" | ||
− | ! | + | ! Rank |
− | ! | + | ! Title |
− | + | |- | |
− | |- | + | | '''I1''' |
− | | ''' | ||
− | |||
− | |||
− | |||
− | |||
− | |||
| | | | ||
− | * | + | * [[Top_10_2014-I1 Insecure Web Interface | Insecure Web Interface]] |
− | |- | + | |- |
− | | ''' | + | | '''I2''' |
| | | | ||
− | * | + | * [[Top_10_2014-I2 Insufficient Authentication/Authorization | Insufficient Authentication/Authorization]] |
− | + | |- | |
− | + | | '''I3''' | |
− | |||
| | | | ||
− | * | + | * [[Top_10_2014-I3 Insecure Network Services | Insecure Network Services]] |
|- | |- | ||
− | | ''' | + | | '''I4''' |
− | |||
− | |||
− | |||
− | |||
− | |||
| | | | ||
− | * | + | * [[Top_10_2014-I4 Lack of Transport Encryption | Lack of Transport Encryption/Integrity Verification]] |
− | |- | + | |- |
− | | ''' | + | | '''I5''' |
| | | | ||
− | * | + | * [[Top_10_2014-I5 Privacy Concerns | Privacy Concerns]] |
+ | |- | ||
+ | | '''I6''' | ||
| | | | ||
− | * | + | * [[Top_10_2014-I6 Insecure Cloud Interface | Insecure Cloud Interface]] |
− | |- | + | |- |
− | | ''' | + | | '''I7''' |
| | | | ||
− | * | + | * [[Top_10_2014-I7 Insecure Mobile Interface | Insecure Mobile Interface]] |
− | + | |- | |
− | + | | '''I8''' | |
| | | | ||
− | * | + | * [[Top_10_2014-I8 Insufficient Security Configurability | Insufficient Security Configurability]] |
− | |- | + | |- |
− | | ''' | + | | '''I9''' |
| | | | ||
− | * | + | * [[Top_10_2014-I9 Insecure Software/Firmware | Insecure Software/Firmware]] |
+ | |- | ||
+ | | '''I10''' | ||
| | | | ||
− | * | + | * [[Top_10_2014-I10 Poor Physical Security | Poor Physical Security]] |
− | + | |- | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | | | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |- | ||
|} | |} |
Latest revision as of 15:19, 18 May 2016
The OWASP Top 10 IoT Vulnerabilities from 2014 are as follows:
Rank | Title |
---|---|
I1 | |
I2 | |
I3 | |
I4 | |
I5 | |
I6 | |
I7 | |
I8 | |
I9 | |
I10 |