Sign-up

VARIoT news about IoT security

Update Canonical Ubuntu Desktop: USN-7159-1: Linux kernel vulnerabilities

Trust: 3.0

Fetched: Jan. 8, 2025, 9:16 a.m., Published: Jan. 8, 7159, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu

Privilege Escalation and OS Command Injection Vulnerabilities

Trust: 3.25

Fetched: Jan. 8, 2025, 9:15 a.m., Published: -
 Vulnerabilities: privilege escalation, command injection, os command injection
Affected productsExternal IDs

ASUS Routers Vulnerabilities Allows Arbitrary Code Execution | Cyber Security News

Trust: 5.5

Fetched: Jan. 8, 2025, 9:15 a.m., Published: Jan. 3, 2025, 11:35 a.m.
 Vulnerabilities: command execution, code execution
Affected productsExternal IDs
vendor: asus model: routers
vendor: asus model: asus
vendor: asus model: router
db: NVD ids: CVE-2024-12912, CVE-2024-13062

PHP Servers Vulnerability Exploited To Inject PacketCrypt Cryptocurrency Miner | Cyber Security News

Trust: 4.75

Fetched: Jan. 8, 2025, 9:14 a.m., Published: Jan. 8, 2025, 7:58 a.m.
 Vulnerabilities: command injection, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-4577

How many smart devices are too many smart devices? - Tech

Trust: 3.25

Fetched: Jan. 8, 2025, 9:14 a.m., Published: Dec. 16, 2024, 9:37 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: wifi
vendor: google model: home
vendor: google model: android
vendor: apple model: watch
vendor: apple model: iphone

OpenVPN Connect Vulnerability Let Attackers Access Users’ Private Keys | Cyber Security News

Trust: 4.25

Fetched: Jan. 8, 2025, 9:13 a.m., Published: Jan. 7, 2025, 4:34 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2024-8474

CVE-2024-56434 : Use-After-Free Vulnerability in Huawei Device Node Access Module | SecurityVulnerability.io

Trust: 4.25

Fetched: Jan. 8, 2025, 9:11 a.m., Published: Jan. 8, 2025, 1:32 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: huawei model: huawei
db: NVD ids: CVE-2024-56434

CVE-2024-56442 : NFC Service Module Vulnerability in Huawei Devices | SecurityVulnerability.io

Trust: 4.25

Fetched: Jan. 8, 2025, 9:10 a.m., Published: Jan. 8, 2025, 2:20 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: huawei model: huawei
db: NVD ids: CVE-2024-56442

Thousands of SonicWall Devices Still Vulnerable to CVE-2024-40766

Trust: 3.75

Fetched: Jan. 8, 2025, 9:10 a.m., Published: Jan. 7, 2025, 4:35 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
db: NVD ids: CVE-2024-40766

Industrial networks exposed to attack by faulty Moxa devices | TechRadar

Trust: 3.75

Fetched: Jan. 8, 2025, 9:09 a.m., Published: Jan. 7, 2025, 10:53 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: moxa model: edr-810 series
vendor: moxa model: edr-810
db: NVD ids: CVE-2024-9140, CVE-2024-9138

48,000+ Vulnerable SonicWall Devices Under Attack From Akira And Fog Ransomware | Cyber Security News

Trust: 4.75

Fetched: Jan. 8, 2025, 9:08 a.m., Published: Jan. 7, 2025, 1:59 p.m.
 Vulnerabilities: access control flaw, improper access control
Affected productsExternal IDs
vendor: sonicwall model: sonicos
db: NVD ids: CVE-2024-40766

Critical CVE-2024-12757 Vulnerability in Nedap Ecoreader: Immediate Action Required | Windows Forum

Trust: 4.75

Fetched: Jan. 8, 2025, 9:08 a.m., Published: May 8, 2025, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-12757

Critical Vulnerabilities in ABB Control Systems: Urgent Updates Required | Windows Forum

Trust: 3.75

Fetched: Jan. 8, 2025, 9:07 a.m., Published: May 8, 2025, midnight
 Vulnerabilities: improper validation, code injection, request forgery...
Affected productsExternal IDs
db: NVD ids: CVE-2024-48840, CVE-2024-6298, CVE-2024-6209, CVE-2024-48839

Thousands Of SonicWall Devices Remain Vulnerable To CVE-2024-40766

Trust: 3.75

Fetched: Jan. 8, 2025, 9:07 a.m., Published: Jan. 8, 2025, 7:37 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
db: NVD ids: CVE-2024-40766

CVE-2020-1821 | Tenable®

Related entries in the VARIoT vulnerabilities database: VAR-202006-1878, VAR-202006-1874, VAR-202006-1879, VAR-202006-1876, VAR-202006-1877, VAR-202006-1873, VAR-202006-1881

Trust: 4.25

Fetched: Jan. 7, 2025, 9:50 a.m., Published: May 7, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: huawei model: huawei
db: NVD ids: CVE-2020-1819, CVE-2020-1820, CVE-2020-1824, CVE-2020-1823, CVE-2020-1818, CVE-2020-1822, CVE-2020-1821

The Best Car Anti-Theft Devices of 2025 | GearJunkie Tested

Trust: 3.75

Fetched: Jan. 7, 2025, 9:47 a.m., Published: Dec. 10, 2024, 4:55 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: mesh model: mesh

Vulnerable Moxa devices expose industrial networks to attacks

Trust: 5.5

Fetched: Jan. 7, 2025, 9:45 a.m., Published: Jan. 6, 2025, 6 p.m.
 Vulnerabilities: os command injection, command injection, validation bypass...
Affected productsExternal IDs
vendor: moxa model: edr-g903
vendor: moxa model: edr-g903 series
vendor: moxa model: edr-810 series
vendor: moxa model: edr-810
db: NVD ids: CVE-2024-9138, CVE-2024-9140

Update Canonical Ubuntu Desktop: USN-7149-1: Intel Microcode vulnerabilities

Trust: 6.0

Fetched: Jan. 7, 2025, 9:44 a.m., Published: Jan. 7, 7149, midnight
 Vulnerabilities: system crash, denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2024-23918, CVE-2024-21853, CVE-2024-21820, CVE-2024-23984, CVE-2024-24968

Understanding CVE-2024-54106: Mitigating the Null Pointer Dereference Vulnerability in Huawei HarmonyOS

Trust: 6.0

Fetched: Jan. 7, 2025, 9:43 a.m., Published: Dec. 12, 2024, midnight
 Vulnerabilities: application crash, pointer dereference vulnerability
Affected productsExternal IDs
vendor: huawei model: huawei
db: NVD ids: CVE-2024-54106

Critical OpenWrt Vulnerability Exposes Devices to Malicious Firmware Injection - Tech Investor News

Trust: 4.0

Fetched: Jan. 7, 2025, 9:42 a.m., Published: Dec. 13, 2024, 4:48 p.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-54143