Sign-up

VARIoT news about IoT security

FortiManager Devices Mass Compromise Exploiting CVE-2024-47575 Vulnerability

Trust: 3.0

Fetched: Nov. 17, 2024, 10:40 a.m., Published: Oct. 25, 2024, 3:15 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-47575

Windows 11 KB5046617 KB5046633 November 2024 Patches And 4 Zero Day Vulnerabilities 91 Flaws HTMD Blog

Trust: 4.5

Fetched: Nov. 17, 2024, 10:39 a.m., Published: Nov. 12, 2024, 6:48 p.m.
 Vulnerabilities: memory leak
Affected productsExternal IDs
vendor: essential model: phone
vendor: asus model: asus
db: NVD ids: CVE-2024-49040, CVE-2024-43451, CVE-2024-49019, CVE-2024-49039

Apple Users In India Warned About Critical Security Vulnerability: Here's What You Need To Know

Trust: 3.75

Fetched: Nov. 17, 2024, 10:38 a.m., Published: Nov. 11, 2024, 9:12 a.m.
 Vulnerabilities: information disclosure, denial of service
Affected productsExternal IDs
vendor: apple model: safari
vendor: apple model: apple tv
vendor: apple model: ipad
vendor: apple model: macos
vendor: apple model: watchos
vendor: apple model: watch
vendor: apple model: tvos
vendor: apple model: iphone
vendor: apple model: software update

Infosec Press Reader

Trust: 4.5

Fetched: Nov. 17, 2024, 10:37 a.m., Published: Nov. 14, 2024, midnight
 Vulnerabilities: sql injection
Affected productsExternal IDs
vendor: google model: home
vendor: google model: google chrome
vendor: google model: chrome
vendor: sophos model: mobile
db: NVD ids: CVE-2024-47139, CVE-2024-38814, CVE-2024-40711, CVE-2024-45844

IoT in the Crosshairs: Securing the New Digital Frontier - Security Buzz

Trust: 3.75

Fetched: Nov. 17, 2024, 10:36 a.m., Published: Nov. 5, 2024, 11:30 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: trend model: security

Update Canonical Ubuntu Desktop: USN-7080-1: Unbound vulnerability

Trust: 3.0

Fetched: Nov. 17, 2024, 10:36 a.m., Published: Jan. 17, 7080, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu

Cisco - Firepower device manager Vulnerability Maturity Index CVE

Trust: 3.0

Fetched: Nov. 17, 2024, 10:35 a.m., Published: Nov. 2, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: firepower
vendor: cisco model: device manager

Update Canonical Ubuntu Desktop: USN-7071-1: Linux kernel vulnerability

Trust: 4.0

Fetched: Nov. 17, 2024, 10:35 a.m., Published: Jan. 17, 7071, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2024-45016

Cisco Industrial Wireless Software Flaw Let Attackers Run Command As Root User

Trust: 3.75

Fetched: Nov. 17, 2024, 10:32 a.m., Published: Nov. 7, 2024, 2:54 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: aironet 2800 series
vendor: cisco model: catalyst iw6300
vendor: cisco model: aironet 1830 series
vendor: cisco model: aironet 1830
vendor: cisco model: series
vendor: cisco model: aironet 1810 series
vendor: cisco model: wireless lan controller
vendor: cisco model: aironet 4800
vendor: cisco model: aironet 3800 series
vendor: cisco model: aironet 1810
vendor: cisco model: aironet
vendor: cisco model: aironet 2800
vendor: cisco model: aironet 1540
vendor: cisco model: aironet 1850
vendor: cisco model: aironet 1810w series access points
vendor: cisco model: access points
vendor: cisco model: aironet 3800
vendor: cisco model: aironet 1560
vendor: cisco model: aironet 1850 series
vendor: cisco model: catalyst
vendor: cisco model: aironet 1560 series
vendor: cisco model: catalyst 9100
vendor: cisco model: catalyst 9100 series
vendor: cisco model: aironet 1540 series
vendor: mesh model: mesh
db: NVD ids: CVE-2024-20418

Emerging Technology Impact on Medical Device Cybersecurity - Blue Goat Cyber

Trust: 3.75

Fetched: Nov. 17, 2024, 10:31 a.m., Published: Feb. 11, 2024, 2:34 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security

Critical Command Injection Bug Hits Cisco’s URWB Devices

Trust: 5.75

Fetched: Nov. 17, 2024, 10:31 a.m., Published: Nov. 7, 2024, 6:48 p.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: cisco model: series
vendor: cisco model: aironet
vendor: cisco model: access points
vendor: cisco model: catalyst
db: NVD ids: CVE-2024-20418

How to Respond: OpenSSH Vulnerability CVE-2024-6387 | UpGuard

Trust: 4.0

Fetched: Nov. 17, 2024, 10:24 a.m., Published: Nov. 19, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-21410, CVE-2024-6387, CVE-2006-5051, CVE-2024-638

Securing the Internet of Things: AI-Powered Threat Detection and Safety Measures | SpringerLink

Trust: 5.5

Fetched: Nov. 17, 2024, 10:17 a.m., Published: Nov. 17, 2024, midnight
 Vulnerabilities: injection attack

No Fix Coming for Critical D-Link Vulnerability - Lansweeper

Related entries in the VARIoT vulnerabilities database: VAR-202411-0293

Trust: 5.75

Fetched: Nov. 17, 2024, 10:17 a.m., Published: Nov. 12, 2024, 12:35 p.m.
 Vulnerabilities: command execution, command injection, privilege escalation
Affected productsExternal IDs
vendor: d-link model: dns-340l
vendor: d-link model: dns-320lw
vendor: d-link model: dns-325
vendor: d-link model: dns-320
db: NVD ids: CVE-2024-10914

Critical Bug In Cisco’s URWB Exposes Systems To Root Privilege Command Injection

Trust: 5.5

Fetched: Nov. 17, 2024, 10:16 a.m., Published: Nov. 7, 2024, 12:05 p.m.
 Vulnerabilities: command execution, cross-site scripting, command injection
Affected productsExternal IDs
vendor: cisco model: cisco adaptive security appliance
vendor: cisco model: cisco ios
vendor: cisco model: series
vendor: cisco model: adaptive security appliance
vendor: cisco model: firepower
vendor: cisco model: small business
vendor: cisco model: aironet
vendor: cisco model: access points
vendor: cisco model: cisco ios xe
vendor: cisco model: ios xe
vendor: cisco model: catalyst
vendor: cisco model: catalyst 9100
vendor: cisco model: catalyst 9100 series
vendor: cisco model: firepower threat defense
db: NVD ids: CVE-2024-20418, CVE-2024-37383, CVE-2024-20481

Security Bulletin: PAN-OS Remote Code Execution Vulnerability

Trust: 3.25

Fetched: Nov. 17, 2024, 10:13 a.m., Published: Nov. 19, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs

Revamped Remcos RAT Deployed Against Microsoft Users

Trust: 4.75

Fetched: Nov. 17, 2024, 10:02 a.m., Published: Nov. 5, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2017-0199

A new vulnerability on IPv6 parsing in linux | Hacker News

Trust: 3.0

Fetched: Nov. 17, 2024, 10:01 a.m., Published: Nov. 17, 2033, midnight
 Vulnerabilities: memory leak
Affected productsExternal IDs

CVE-2022-20846 - Cisco IOS XR Software Cisco Discovery Protocol Buffer Overflow Vulnerability - SecAlerts

Trust: 5.5

Fetched: Nov. 17, 2024, 10:01 a.m., Published: Nov. 4, 2024, midnight
 Vulnerabilities: buffer overflow, code execution
Affected productsExternal IDs
vendor: cisco model: ios xr
vendor: cisco model: cisco ios xr
vendor: cisco model: ios xr software
vendor: cisco model: cisco ios
db: NVD ids: CVE-2022-20846

D-Link says it won’t fix a serious security flaw affecting 60,000 older NAS devices | TechRadar

Related entries in the VARIoT vulnerabilities database: VAR-202411-0293

Trust: 6.0

Fetched: Nov. 17, 2024, 10:01 a.m., Published: Nov. 11, 2024, 7:06 p.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: d-link model: dns-320
db: NVD ids: CVE-2024-10914