Sign-up

VARIoT news about IoT security

Critical Zero-Day Vulnerability in Samsung Mobile Processors

Trust: 5.5

Fetched: Nov. 27, 2024, 9:29 a.m., Published: Oct. 22, 2024, 2:33 p.m.
 Vulnerabilities: code execution, privilege escalation
Affected productsExternal IDs
vendor: google model: android
vendor: samsung model: mobile
vendor: samsung model: samsung
vendor: samsung model: mobile devices
vendor: samsung model: samsung mobile
vendor: samsung model: exynos
db: NVD ids: CVE-2024-44068

CERT-In Alert: Multiple Vulnerabilities In Android Impacting Millions Of Devices

Trust: 6.75

Fetched: Nov. 27, 2024, 9:26 a.m., Published: Nov. 26, 2024, 2:44 p.m.
 Vulnerabilities: code execution, privilege escalation, denial of service
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2024-20484, CVE-2023-35659, CVE-2024-21455, CVE-2024-43093, CVE-2024-20104, CVE-2024-38402, CVE-2024-20536

CCNA 1 v7 Modules 16 - 17: Building and Securing a Small Network Exam Answers

Trust: 4.0

Fetched: Nov. 27, 2024, 9:24 a.m., Published: Sept. 19, 2024, 2:01 a.m.
 Vulnerabilities: sql injection, default password, denial of service
Affected productsExternal IDs
vendor: cisco model: intrusion prevention system
vendor: cisco model: routers
vendor: cisco model: cisco ios
vendor: cisco model: series
vendor: cisco model: small business
vendor: cisco model: router
vendor: cisco model: cisco routers

U.S. CISA adds PTZOptics camera bugs to its Known Exploited Vulnerabilities catalog - Security Affairs

Trust: 4.75

Fetched: Nov. 27, 2024, 9:23 a.m., Published: Nov. 5, 2024, 12:23 p.m.
 Vulnerabilities: command injection, os command injection, authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2024-8957, CVE-2024-8956

Remote Code Execution Vulnerability in Alpine Halo9 Devices (CVE-2024-23935) | SecurityVulnerability.io - SecuirtyVulnerability.io

Trust: 3.25

Fetched: Nov. 27, 2024, 9:22 a.m., Published: Sept. 28, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-23935

Update your iPhone, Mac, Watch: Apple issues patches for several vulnerabilities | Malwarebytes

Trust: 3.75

Fetched: Nov. 26, 2024, 10:16 a.m., Published: Oct. 29, 2024, 1:07 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: watch
vendor: apple model: watchos
vendor: apple model: itunes
vendor: apple model: macos
vendor: apple model: tvos
vendor: apple model: software update
vendor: apple model: iphone
db: NVD ids: CVE-2024-44274, CVE-2024-40867, CVE-2024-44282

CISA Adds Three Critical Vulnerabilities To The Known Exploited Vulnerabilities Catalog

Trust: 5.25

Fetched: Nov. 26, 2024, 10:15 a.m., Published: Nov. 19, 2024, 8:58 a.m.
 Vulnerabilities: os command injection, privilege escalation, command injection...
Affected productsExternal IDs
vendor: palo model: firewall
vendor: palo model: pan-os
vendor: palo model: networks
vendor: palo alto networks model: firewall
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: networks
db: NVD ids: CVE-2017-1000253, CVE-2016-3714, CVE-2024-1212, CVE-2024-9474, CVE-2024-0012, CVE-2024-40766, CVE-2024-9463, CVE-2024-9465

Cellular IoT Vulnerabilities: Another Door to Cellular Networks | Trend Micro (US)

Related entries in the VARIoT vulnerabilities database: VAR-202310-0004, VAR-202011-1308, VAR-202408-1859

Trust: 4.5

Fetched: Nov. 26, 2024, 10:14 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: d-link model: router
vendor: trend micro model: security
vendor: trend model: security
vendor: tp-link model: gateway
vendor: tp-link model: routers
db: NVD ids: CVE-2023-43261, CVE-2020-3657, CVE-2023-47610, CVE-2024-20082

CISA Warns of PTZOptics Cameras Vulnerability Exploited to Escalate Privileges

Trust: 3.75

Fetched: Nov. 26, 2024, 10:13 a.m., Published: Nov. 5, 2024, 8:55 a.m.
 Vulnerabilities: authentication bypass, command injection, os command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-8956, CVE-2024-8957

Vulnerability Scanning with Nessus: A Practical Guide

Trust: 3.0

Fetched: Nov. 26, 2024, 10:13 a.m., Published: Nov. 19, 2024, 7:13 a.m.
 Vulnerabilities: default credentials
Affected productsExternal IDs

Update Canonical Ubuntu Desktop: USN-7084-1: urllib3 vulnerability

Trust: 3.25

Fetched: Nov. 26, 2024, 10:11 a.m., Published: Jan. 26, 7084, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu

Frontiers | Research on relay setting attack defense in power systems based on a three-layer optimization model

Trust: 4.25

Fetched: Nov. 26, 2024, 10:09 a.m., Published: -
 Vulnerabilities: data injection, injection attack, denial of service
Affected productsExternal IDs
vendor: trend model: security
vendor: axis model: axis

Update Your Apple Devices to Patch Two Live Security Vulnerabilities | Lifehacker

Trust: 4.5

Fetched: Nov. 26, 2024, 10:09 a.m., Published: Nov. 19, 2024, 9:30 p.m.
 Vulnerabilities: code execution, cross-site scripting
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: software update
vendor: apple model: macos
vendor: apple model: iphone
vendor: apple model: ipad
db: NVD ids: CVE-2024-44309, CVE-2024-44308

Writing a Cybersecurity Report Executive Summary (inc. Examples) | UpGuard

Trust: 3.75

Fetched: Nov. 26, 2024, 10:08 a.m., Published: -
 Vulnerabilities: privilege escalation
Affected productsExternal IDs

Machine Learning-Based Methodologies for Cyber-Attacks and Network Traffic Monitoring: A Review and Insights

Trust: 3.25

Fetched: Nov. 26, 2024, 10:06 a.m., Published: Nov. 20, 2024, midnight
 Vulnerabilities: sql injection, command injection, denial of service
Affected productsExternal IDs

Volatile Memory Explained - Blue Goat Cyber

Trust: 3.75

Fetched: Nov. 26, 2024, 10:05 a.m., Published: Feb. 24, 2024, 2:10 p.m.
 Vulnerabilities: system crash
Affected productsExternal IDs
vendor: dram model: dram

Feature Spotlight - Using IP Fabric to Protect Against Network Vulnerabilities - IP Fabric

Trust: 4.0

Fetched: Nov. 26, 2024, 10:05 a.m., Published: Nov. 22, 2024, 1:28 p.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: palo model: networks

Vulnerability Recap 11/4/24: Microsoft, Google, Rockwell

Related entries in the VARIoT vulnerabilities database: VAR-202410-3402

Trust: 4.25

Fetched: Nov. 26, 2024, 10:05 a.m., Published: Nov. 4, 2024, 9:26 p.m.
 Vulnerabilities: code execution, buffer overflow
Affected productsExternal IDs
vendor: rockwell model: factorytalk
vendor: mitsubishi electric model: mx component
vendor: mitsubishi model: mx component
vendor: rockwell automation model: factorytalk
db: NVD ids: CVE-2023-6943, CVE-2024-10386

Over 900,000 DrayTek Routers Still at Risk One Month After Critical Vulnerability Disclosure | CIP Blog

Related entries in the VARIoT vulnerabilities database: VAR-202410-3635

Trust: 4.75

Fetched: Nov. 26, 2024, 10:03 a.m., Published: Oct. 31, 2024, 8 p.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: draytek model: draytek routers
vendor: draytek model: vigor
vendor: draytek model: routers
db: NVD ids: CVE-2024-41592, CVE-2024-41585

Android 15 users beware, govt has issues a high risk warning and you should not ignore it - India Today

Trust: 4.0

Fetched: Nov. 26, 2024, 9:36 a.m., Published: Nov. 26, 2024, 6:08 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: google model: android