Sign-up

VARIoT news about IoT security

Ivanti Connect Secure Zero-Day Threat: 2,048 Vulnerable Devices and Critical Exploitation Details Unveiled

Trust: 4.0

Fetched: Jan. 17, 2025, 9:08 a.m., Published: Jan. 11, 2025, 1:40 a.m.
 Vulnerabilities: code execution, buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2025-0282

Fortinet Authentication Bypass Vulnerability Audit - CVE-2024-55591 - Lansweeper

Trust: 4.0

Fetched: Jan. 17, 2025, 9:07 a.m., Published: Jan. 15, 2025, 2:24 p.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2024-55591

CISA Warns of Three Vulnerabilities Actively Exploited in Attacks

Trust: 5.0

Fetched: Jan. 15, 2025, 9:58 a.m., Published: Jan. 8, 2025, 2:50 p.m.
 Vulnerabilities: path traversal
Affected productsExternal IDs
vendor: mitel model: micollab
db: NVD ids: CVE-2024-55550, CVE-2024-41713, CVE-2020-2883

Multiple Vulnerabilities in Ivanti Avalanche Could Allow for Authentication Bypass

Trust: 3.0

Fetched: Jan. 15, 2025, 9:54 a.m., Published: Jan. 14, 2025, midnight
 Vulnerabilities: authentication bypass
Affected productsExternal IDs

Understanding CVE-2025-21229: Elevation of Privilege Vulnerability in Windows | Windows Forum

Trust: 3.75

Fetched: Jan. 15, 2025, 9:53 a.m., Published: May 15, 2025, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2025-21229

CVE-2024-12847 : Authentication Bypass Vulnerability in NETGEAR DGN1000 Router | SecurityVulnerability.io

Related entries in the VARIoT vulnerabilities database: VAR-202501-1344

Trust: 5.0

Fetched: Jan. 15, 2025, 9:53 a.m., Published: Jan. 10, 2025, 8:15 p.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: netgear model: router
vendor: netgear model: dgn1000
db: NVD ids: CVE-2024-12847

Schneider Electric Vulnerability: CVE-2024-8401 in EcoStruxure Systems Explained | Windows Forum

Trust: 4.0

Fetched: Jan. 15, 2025, 9:52 a.m., Published: May 15, 2025, midnight
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs
db: NVD ids: CVE-2024-8401

Samsung has fixed RCS vulnerability (for your information) - Samsung Community

Trust: 3.25

Fetched: Jan. 15, 2025, 9:51 a.m., Published: Jan. 15, 2025, 7:30 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: samsung

CVE-2024-12398 impacts Zyxel Devices

Related entries in the VARIoT vulnerabilities database: VAR-202205-0957

Trust: 5.75

Fetched: Jan. 15, 2025, 9:51 a.m., Published: Jan. 14, 2025, 1:14 p.m.
 Vulnerabilities: privilege management flaw, denial of service, code execution...
Affected productsExternal IDs
vendor: zyxel model: nas542
vendor: zyxel model: nas326
db: NVD ids: CVE-2024-12398, CVE-2022-30525, CVE-2024-29973, CVE-2024-29972

CVE-2024-7344: Secure Boot Vulnerability Discovered in Howyar Taiwan Devices | Windows Forum

Trust: 3.75

Fetched: Jan. 15, 2025, 9:50 a.m., Published: May 15, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
db: NVD ids: CVE-2024-7344

Understanding CVE-2025-21207: Windows Cdpsvc Vulnerability Overview | Windows Forum

Trust: 4.5

Fetched: Jan. 15, 2025, 9:49 a.m., Published: May 15, 2025, midnight
 Vulnerabilities: privilege escalation, denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2025-21207

DSA-2025-033: Security Update for Dell Display Manager for Multiple Vulnerabilities | Dell US

Trust: 3.0

Fetched: Jan. 15, 2025, 9:46 a.m., Published: Feb. 3, 2002, 6 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-21101

Fortinet addresses security concerns over Fortinet FortiGate zero-day - Cyber Daily

Trust: 5.75

Fetched: Jan. 15, 2025, 9:45 a.m., Published: Jan. 15, 2025, 12:43 a.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: node.js model: node.js
vendor: fortigate model: fortios
db: NVD ids: CVE-2024-55591

RSYNC Vulnerability Announcement (Upgrade Patch Pushed) - Deepin Technology Community

Trust: 4.75

Fetched: Jan. 15, 2025, 9:44 a.m., Published: Jan. 23, 2025, midnight
 Vulnerabilities: buffer overflow, symbolic link attack, path traversal
Affected productsExternal IDs
db: NVD ids: CVE-2024-12087, CVE-2024-12086, CVE-2024-12089, CVE-2024-12085, CVE-2024-12084, CVE-2024-12088

DNA research at risk thanks to BIOS security weaknesses • The Register

Trust: 4.0

Fetched: Jan. 15, 2025, 9:44 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs

VERT Threat Alert: January 2025 Patch Tuesday Analysis | Tripwire

Trust: 3.0

Fetched: Jan. 15, 2025, 9:42 a.m., Published: Jan. 15, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-21323, CVE-2025-21382, CVE-2025-21219, CVE-2025-21250, CVE-2025-21354, CVE-2025-21339, CVE-2025-21246, CVE-2025-21389, CVE-2025-21335, CVE-2025-21341, CVE-2025-21311, CVE-2025-21282, CVE-2025-21171, CVE-2025-21403, CVE-2025-21321, CVE-2025-21378, CVE-2025-21186, CVE-2025-21328, CVE-2025-21317, CVE-2025-21297, CVE-2025-21268, CVE-2025-21224, CVE-2025-21225, CVE-2025-21329, CVE-2025-21275, CVE-2025-21298, CVE-2025-21213, CVE-2025-21227, CVE-2025-21261, CVE-2025-21220, CVE-2025-21292, CVE-2025-21245, CVE-2025-21312, CVE-2025-21263, CVE-2025-21249, CVE-2025-21189, CVE-2025-21319, CVE-2025-21301, CVE-2025-21362, CVE-2025-21226, CVE-2025-21345, CVE-2025-21305, CVE-2025-21332, CVE-2025-21236, CVE-2025-21252, CVE-2025-21306, CVE-2025-21294, CVE-2025-21326, CVE-2025-21302, CVE-2025-21333, CVE-2025-21417, CVE-2025-21234, CVE-2025-21320, CVE-2025-21215, CVE-2025-21265, CVE-2025-21374, CVE-2025-21280, CVE-2025-21411, CVE-2025-21278, CVE-2025-21385, CVE-2025-21360, CVE-2025-21277, CVE-2025-21365, CVE-2025-21274, CVE-2025-21202, CVE-2025-21357, CVE-2025-21336, CVE-2025-21284, CVE-2025-21230, CVE-2025-21291, CVE-2025-21348, CVE-2025-21293, CVE-2025-21223, CVE-2025-21327, CVE-2025-21276, CVE-2025-21187, CVE-2025-21309, CVE-2025-21318, CVE-2025-21314, CVE-2025-21270, CVE-2025-21340, CVE-2025-21218, CVE-2025-21233, CVE-2025-21235, CVE-2025-21243, CVE-2025-21361, CVE-2025-21289, CVE-2025-21172, CVE-2025-21266, CVE-2025-21409, CVE-2025-21258, CVE-2025-21331, CVE-2025-21330, CVE-2025-21413, CVE-2025-21214, CVE-2025-21244, CVE-2025-21315, CVE-2025-21393, CVE-2025-21346, CVE-2025-21307, CVE-2025-21229, CVE-2025-21239, CVE-2025-21231, CVE-2025-21338, CVE-2025-21364, CVE-2025-21240, CVE-2025-21242, CVE-2025-21356, CVE-2025-21299, CVE-2025-21248, CVE-2025-21237, CVE-2025-21324, CVE-2025-21173, CVE-2025-21288, CVE-2025-21343, CVE-2025-21228, CVE-2025-21210, CVE-2025-21281, CVE-2025-21402, CVE-2025-21176, CVE-2025-21313, CVE-2025-21366, CVE-2025-21207, CVE-2025-21308, CVE-2025-21273, CVE-2025-21178, CVE-2025-21296, CVE-2025-21256, CVE-2025-21304, CVE-2025-21232, CVE-2025-21405, CVE-2025-21251, CVE-2025-21285, CVE-2025-21363, CVE-2025-21395, CVE-2025-21211, CVE-2025-21303, CVE-2025-21300, CVE-2025-21286, CVE-2025-21257, CVE-2025-21271, CVE-2025-21295, CVE-2025-21310, CVE-2025-21334, CVE-2025-21372, CVE-2025-21290, CVE-2025-21255, CVE-2024-7344, CVE-2025-21344, CVE-2025-21287, CVE-2024-50338, CVE-2025-21241, CVE-2025-21370, CVE-2025-21238, CVE-2025-21269, CVE-2025-21193, CVE-2025-21316, CVE-2025-21217, CVE-2025-21272, CVE-2025-21260, CVE-2025-21380

An Overview of the Nominet Security Breach Tied to Ivanti VPN Vulnerability (CVE-2025-0282) - SOCRadar® Cyber Intelligence Inc.

Trust: 3.5

Fetched: Jan. 15, 2025, 9:42 a.m., Published: Jan. 14, 2025, 12:18 p.m.
 Vulnerabilities: code execution, buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2025-0282, CVE-2025-0283

CVE-2024-55591: Fortinet Authentication Bypass Zero-Day Vulnerability Exploited in the Wild - Security Boulevard

Trust: 3.25

Fetched: Jan. 15, 2025, 9:41 a.m., Published: Jan. 14, 2025, 8 p.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2024-55591

Microsoft and Adobe Patch Tuesday, January 2025 Security Update Review | Qualys Security Blog

Trust: 4.75

Fetched: Jan. 15, 2025, 9:34 a.m., Published: Jan. 14, 2025, 8:40 p.m.
 Vulnerabilities: denial of service, code execution, information disclosure...
Affected productsExternal IDs
db: NVD ids: CVE-2025-21219, CVE-2025-21210, CVE-2025-21335, CVE-2025-21308, CVE-2025-21311, CVE-2025-21333, CVE-2025-21315, CVE-2025-21307, CVE-2025-21334, CVE-2025-21328, CVE-2025-21365, CVE-2025-21297, CVE-2025-21268, CVE-2025-21224, CVE-2025-21329, CVE-2025-21298, CVE-2025-21292, CVE-2025-21364, CVE-2025-21309, CVE-2025-21269, CVE-2025-21314, CVE-2025-21299, CVE-2025-21189

Hackers are exploiting a new Fortinet firewall bug to breach company networks | TechCrunch

Trust: 3.0

Fetched: Jan. 15, 2025, 9:33 a.m., Published: Jan. 14, 2025, 9:25 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-55591