Sign-up

VARIoT news about IoT security

Technical Support: UXR0334A Infiniium UXR-Series Oscilloscope: 33 GHz, 4 Channels | Keysight

Trust: 4.0

Fetched: Jan. 5, 2025, 9:37 a.m., Published: Feb. 10, 2021, 8:04 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dram model: dram

Update Canonical Ubuntu Server: USN-7144-1: Linux kernel (Intel IoTG) vulnerabilities

Trust: 4.25

Fetched: Jan. 5, 2025, 9:35 a.m., Published: Jan. 5, 7144, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2024-25744

How CrowdStrike Protects Customers from Log4Shell Threats

Related entries in the VARIoT vulnerabilities database: VAR-202112-0562, VAR-202112-0566

Trust: 3.0

Fetched: Jan. 5, 2025, 9:35 a.m., Published: Dec. 31, 2024, 7:57 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-45046, CVE-2021-44228

Hackers Exploit Vulnerability In 15,000 Industrial Routers Worldwide

Trust: 4.75

Fetched: Jan. 5, 2025, 9:34 a.m., Published: Jan. 5, 2018, midnight
 Vulnerabilities: default credentials
Affected productsExternal IDs
vendor: four-faith model: four-faith
vendor: four-faith model: f3x24
db: NVD ids: CVE-2024-12856

CVE-2024-11624 : Undeclared Permission Vulnerability in Android Devices by Google | SecurityVulnerability.io

Trust: 4.25

Fetched: Jan. 5, 2025, 9:34 a.m., Published: Jan. 3, 2025, 4:15 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2024-11624

CVE-2024-53835 : Biometric Bypass Vulnerability in Android Pixel Devices by Google | SecurityVulnerability.io

Trust: 4.0

Fetched: Jan. 5, 2025, 9:31 a.m., Published: Jan. 3, 2025, 4:15 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
vendor: google model: pixel
db: NVD ids: CVE-2024-53835

CVE-2024-53836 : Buffer Overflow Vulnerability in Android’s WBRC Bluetooth Device Writer | SecurityVulnerability.io

Trust: 3.25

Fetched: Jan. 5, 2025, 9:30 a.m., Published: Jan. 3, 2025, 4:15 a.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2024-53836

Cyber Daily 12/13: Dell and Citrix Under Attack, Microsoft's Early Christmas Gift, Water Treatment Facilities at Risk

Trust: 4.75

Fetched: Jan. 5, 2025, 9:27 a.m., Published: Dec. 13, 2024, 2:52 p.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: citrix model: netscaler
db: NVD ids: CVE-2024-8534, CVE-2024-43234, CVE-2024-8535, CVE-2024-37143, CVE-2024-11639, CVE-2024-11972, CVE-2024-37144

Understanding CVE-2024-49422 in Samsung Mobile Devices: Vulnerability Mitigation Strategies

Trust: 3.75

Fetched: Jan. 5, 2025, 9:27 a.m., Published: Oct. 5, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: mobile devices
vendor: samsung model: samsung mobile
vendor: samsung model: mobile
vendor: samsung model: samsung
db: NVD ids: CVE-2024-49422

Hacking Your Own IoT: A White Hat’s Guide to Securing Smart Devices

Trust: 4.25

Fetched: Jan. 5, 2025, 9:25 a.m., Published: Jan. 5, 2025, 2 p.m.
 Vulnerabilities: sql injection, default credentials, cross-site scripting
Affected productsExternal IDs
vendor: wireshark model: wireshark

Hacking Your Own IoT: A White Hat’s Guide to Securing Smart Devices

Trust: 4.25

Fetched: Jan. 5, 2025, 9:25 a.m., Published: Jan. 5, 2025, 2 p.m.
 Vulnerabilities: sql injection, default credentials, cross-site scripting
Affected productsExternal IDs
vendor: wireshark model: wireshark

Nest Security Bulletin-December 2024 - Help

Related entries in the VARIoT vulnerabilities database: VAR-202203-1690

Trust: 5.5

Fetched: Jan. 5, 2025, 9:24 a.m., Published: Dec. 5, 2024, midnight
 Vulnerabilities: information disclosure, denial of service, code execution
Affected productsExternal IDs
vendor: google model: home
vendor: google model: wifi
vendor: google model: wifi router
db: NVD ids: CVE-2018-25032, CVE-2023-45853, CVE-2024-26923

DoubleClickjacking: new exploit can affect any major site's security - ThinScale

Trust: 4.75

Fetched: Jan. 5, 2025, 9:22 a.m., Published: Jan. 3, 2025, 3:58 p.m.
 Vulnerabilities: service disruption, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-49113

Infographic: A History of Network Device Threats and What Lies Ahead - Eclypsium | Supply Chain Security for the Modern Enterprise

Related entries in the VARIoT vulnerabilities database: VAR-202007-1393, VAR-202205-0394, VAR-202212-1132, VAR-202305-2121, VAR-201703-0892, VAR-202103-0654, VAR-201906-0815, VAR-202304-2073, VAR-202305-2285

Trust: 4.5

Fetched: Jan. 5, 2025, 9:21 a.m., Published: Dec. 2, 2024, 10 p.m.
 Vulnerabilities: os command injection, buffer overflow, code execution...
Affected productsExternal IDs
vendor: sophos model: mobile
vendor: sophos model: firewall
vendor: barracuda model: barracuda
vendor: barracuda model: running
vendor: rapid model: scada
vendor: palo alto networks model: networks
vendor: palo alto networks model: ssl vpn
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: firewall
vendor: pulse secure model: connect secure
vendor: pulse secure model: policy secure
vendor: d-link model: router
vendor: netgear model: router
vendor: asus model: router
vendor: asus model: routers
vendor: asus model: asus
vendor: mikrotik model: mikrotik
vendor: mikrotik model: router
vendor: mikrotik model: routers
vendor: palo model: networks
vendor: palo model: ssl vpn
vendor: palo model: pan-os
vendor: palo model: firewall
vendor: tp-link model: gateway
vendor: tp-link model: routers
vendor: citrix model: gateway
vendor: citrix model: netscaler
vendor: citrix model: netscaler adc
vendor: cisco model: cisco routers
vendor: cisco model: cisco adaptive security appliance
vendor: cisco model: ios xe
vendor: cisco model: cisco ios
vendor: cisco model: adaptive security appliance
vendor: cisco model: linksys
vendor: cisco model: nexus
vendor: cisco model: router
vendor: cisco model: cisco ios xe
vendor: cisco model: routers
vendor: fortigate model: fortios
vendor: sonicwall model: ssl vpn
db: NVD ids: CVE-2020-5902, CVE-2021-22893, CVE-2022-1388, CVE-2022-42475, CVE-2023-33009, CVE-2023-2868, CVE-2023-20198, CVE-2024-5910, CVE-2023-3519, CVE-2017-3881, CVE-2021-22986, CVE-2024-23113, CVE-2023-20269, CVE-2018-13379, CVE-2023-28771, CVE-2023-20273, CVE-2023-33010, CVE-2023-4966, CVE-2022-41328

Philips discloses patient monitoring device, medical device interfacing vulnerabilities | SC Media

Trust: 3.75

Fetched: Jan. 5, 2025, 9:18 a.m., Published: June 11, 2024, 5 p.m.
 Vulnerabilities: denial of service, authentication bypass
Affected productsExternal IDs
vendor: philips model: intellibridge ec40

Cybersecurity Analysis of Wearable Devices: Smartwatches Passive Attack

Trust: 3.5

Fetched: Jan. 5, 2025, 9:15 a.m., Published: Jan. 5, 2023, midnight
 Vulnerabilities: default credentials
Affected productsExternal IDs
vendor: huawei model: huawei
vendor: essential model: phone
vendor: apple model: watch
vendor: samsung model: galaxy
vendor: samsung model: mobile
vendor: samsung model: samsung galaxy
vendor: samsung model: samsung
vendor: wireshark model: wireshark

CVE-2020-1823 | Tenable®

Related entries in the VARIoT vulnerabilities database: VAR-202006-1877, VAR-202006-1878, VAR-202006-1874, VAR-202006-1876, VAR-202006-1881, VAR-202006-1879, VAR-202006-1873

Trust: 4.25

Fetched: Jan. 3, 2025, 9:22 a.m., Published: May 3, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: huawei model: huawei
db: NVD ids: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1823, CVE-2020-1821, CVE-2020-1824, CVE-2020-1822

CVE-2020-1822 | Tenable®

Related entries in the VARIoT vulnerabilities database: VAR-202006-1877, VAR-202006-1878, VAR-202006-1874, VAR-202006-1876, VAR-202006-1881, VAR-202006-1879, VAR-202006-1873

Trust: 4.25

Fetched: Jan. 3, 2025, 9:21 a.m., Published: May 3, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: huawei model: huawei
db: NVD ids: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1823, CVE-2020-1821, CVE-2020-1824, CVE-2020-1822

Top Attack Surface Management Trends For 2025

Trust: 3.75

Fetched: Jan. 3, 2025, 9:20 a.m., Published: Dec. 30, 2024, 9:11 a.m.
 Vulnerabilities: default credentials
Affected productsExternal IDs
vendor: trend model: security

DrayTek Devices Vulnerability Let Attackers Arbitrary Commands Remotely

Trust: 4.75

Fetched: Jan. 3, 2025, 9:18 a.m., Published: Jan. 1, 2025, 1:49 p.m.
 Vulnerabilities: code execution, command injection
Affected productsExternal IDs
vendor: draytek model: vigor300b
vendor: draytek model: vigor2960