Sign-up

VARIoT news about IoT security

TeamViewer for Windows Vulnerability Let Attackers Escalate Privileges

Trust: 4.75

Fetched: Nov. 1, 2024, 9:34 a.m., Published: Sept. 25, 2024, 3:40 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: trend micro model: security
vendor: trend model: security
db: NVD ids: CVE-2024-7479, CVE-2024-7481

Old Samsung Phones at Risk: Uncover the Serious Vulnerability Endangering Your Device! - Faharas News

Trust: 3.75

Fetched: Nov. 1, 2024, 9:31 a.m., Published: Oct. 27, 2024, 12:46 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home
vendor: samsung model: exynos
vendor: samsung model: note
vendor: samsung model: galaxy
vendor: samsung model: samsung
vendor: samsung model: note 10
vendor: samsung model: galaxy s10
db: NVD ids: CVE-2024-44068

What Happened Over the Week? | CVEs Edition

Related entries in the VARIoT vulnerabilities database: VAR-202410-3402

Trust: 6.5

Fetched: Nov. 1, 2024, 9:29 a.m., Published: Nov. 3, 2024, midnight
 Vulnerabilities: information disclosure, improper memory management, privilege escalation...
Affected productsExternal IDs
vendor: sonos model: sonos
vendor: synology model: diskstation
vendor: samsung model: exynos
vendor: samsung model: samsung
vendor: sophos model: firewall
vendor: cisco model: firepower threat defense
vendor: cisco model: firepower
vendor: cisco model: router
vendor: cisco model: adaptive security appliance
vendor: google model: wifi
vendor: google model: chrome
vendor: google model: google chrome
db: NVD ids: CVE-2024-38812, CVE-2024-38813, CVE-2024-20424, CVE-2024-6826, CVE-2024-10386, CVE-2024-47575, CVE-2024-41992, CVE-2024-8312, CVE-2024-0119, CVE-2024-0121, CVE-2024-4947, CVE-2024-0118, CVE-2024-44068, CVE-2024-20329, CVE-2024-20481, CVE-2024-0120

Exploitation of RAISECOM Gateway Devices Vulnerability CVE-2024-7120

Trust: 5.25

Fetched: Nov. 1, 2024, 9:29 a.m., Published: Nov. 1, 2024, 1:21 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-7120

Exploitation of RAISECOM Gateway Devices Vulnerability CVE-2024-7120, (Tue, Sep 24th)

Trust: 4.75

Fetched: Nov. 1, 2024, 9:28 a.m., Published: Sept. 24, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: tplink model: gateway
vendor: tplink model: routers
db: NVD ids: CVE-2024-7120

Analysis of CVE-2023-30727: Wi-Fi Access Control Vulnerability in Samsung Mobile Devices

Trust: 4.5

Fetched: Nov. 1, 2024, 9:27 a.m., Published: Oct. 4, 2023, midnight
 Vulnerabilities: improper access control, access control vulnerability
Affected productsExternal IDs
vendor: samsung model: samsung mobile
vendor: samsung model: samsung
vendor: samsung model: mobile devices
vendor: samsung model: mobile
db: NVD ids: CVE-2023-30727

Microsoft’s October 2024 Patch Tuesday Addresses 117 CVEs (CVE-2024-43572, CVE-2024-43573) - Blog | Tenable®

Trust: 3.75

Fetched: Nov. 1, 2024, 9:24 a.m., Published: Oct. 8, 2024, 6:01 p.m.
 Vulnerabilities: feature bypass, denial of service, code execution...
Affected productsExternal IDs
db: NVD ids: CVE-2024-30040, CVE-2024-43564, CVE-2024-43468, CVE-2024-43572, CVE-2024-38112, CVE-2024-43607, CVE-2024-43589, CVE-2024-43533, CVE-2024-43592, CVE-2024-43549, CVE-2024-43611, CVE-2024-43583, CVE-2024-38124, CVE-2024-38261, CVE-2024-38259, CVE-2024-43573, CVE-2024-20659, CVE-2024-43461, CVE-2024-38212, CVE-2024-43593, CVE-2024-43453, CVE-2024-38265, CVE-2024-43599, CVE-2024-43608

CVE-2024-34612: Mitigation of Heap-based Buffer Overflow Vulnerability in Samsung Mobile Devices

Trust: 5.75

Fetched: Nov. 1, 2024, 9:23 a.m., Published: Aug. 1, 2024, midnight
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: google model: android
vendor: samsung model: samsung mobile
vendor: samsung model: samsung
vendor: samsung model: mobile devices
vendor: samsung model: mobile
db: NVD ids: CVE-2024-34612

Fortinet Warns of Critical Vulnerability in FortiManager Under Active Exploitation

Trust: 3.75

Fetched: Nov. 1, 2024, 9:22 a.m., Published: Oct. 24, 2024, 6:23 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-47575

Driver AsIO.sys cannot be loaded - Microsoft Community

Trust: 3.0

Fetched: Nov. 1, 2024, 9:22 a.m., Published: Oct. 24, 2024, 6 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: asus model: asus

CVE-2024-48548 - vulnerability database | Vulners.com

Trust: 3.25

Fetched: Nov. 1, 2024, 9:22 a.m., Published: Oct. 24, 2024, 5:15 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-48548

CVE-2024-47712 - Apache WiFi Device Use-After-Free RCU Vulnerability

Trust: 3.25

Fetched: Nov. 1, 2024, 9:21 a.m., Published: Oct. 21, 2024, 12:15 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-47712

LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites

Trust: 4.75

Fetched: Nov. 1, 2024, 9:21 a.m., Published: Oct. 31, 2024, 10:24 a.m.
 Vulnerabilities: privilege escalation, object injection, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-47374, CVE-2024-50550, CVE-2024-28000, CVE-2024-43240, CVE-2024-43242, CVE-2024-44000

Microsoft Security Advisory CVE-2024-43485 | .NET Denial of Service Vulnerability · CVE-2024-43485 · GitHub Advisory Database · GitHub

Trust: 4.75

Fetched: Nov. 1, 2024, 9:19 a.m., Published: Oct. 8, 2024, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2024-43485

Understanding CVE-2023-50810: Mitigating Firmware Vulnerability in Sonos Products

Trust: 5.0

Fetched: Nov. 1, 2024, 9:18 a.m., Published: Aug. 1, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: sonos model: sonos
db: NVD ids: CVE-2023-50810

4.2.7 Lab - Evaluate Vulnerabilities Answers

Related entries in the VARIoT vulnerabilities database: VAR-201803-2171

Trust: 4.5

Fetched: Nov. 1, 2024, 9:17 a.m., Published: Aug. 15, 2024, 3:21 a.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: mikrotik model: routeros
vendor: mikrotik model: mikrotik
vendor: mikrotik model: mikrotik router
vendor: mikrotik model: router
vendor: trend model: security
db: NVD ids: CVE-2018-7445

Understanding CVE-2024-45259: Vulnerability and Mitigation Strategies on GL-iNet Devices

Trust: 5.25

Fetched: Nov. 1, 2024, 9:16 a.m., Published: April 6, 2002, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2024-45259

Understanding CVE-2024-0029: Elevation of Privilege in Android 13

Trust: 5.0

Fetched: Nov. 1, 2024, 9:15 a.m., Published: Nov. 13, 2024, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2024-0029

CVE-2024-50022 - Linux Device-Dax Pagetable Alignment Vulnerability

Trust: 3.0

Fetched: Nov. 1, 2024, 9:14 a.m., Published: Oct. 21, 2024, 8:15 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-50022

Untraceable Memory Access Vulnerability in PCI Devices (CVE-2024-31145) | SecurityVulnerability.io - SecuirtyVulnerability.io

Trust: 4.0

Fetched: Nov. 1, 2024, 9:13 a.m., Published: Sept. 25, 2024, midnight
 Vulnerabilities: memory access vulnerability
Affected productsExternal IDs
db: NVD ids: CVE-2024-31145