VARIoT latest news about IoT security

CVE-2024-45032: Industrial Edge Device Token Impersonation Vulnerability - DEC Solutions Group Trust: 3.25 Fetched: Sept. 16, 2024, 8:22 p.m., Published: Sept. 10, 2024, 10:31 a.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-45032

Zero-Day Vulnerability In Arcadyan WiFi Devices Allows RCE for Root Access - Cybernoz Trust: 4.5 Fetched: Sept. 16, 2024, 8:19 p.m., Published: Aug. 22, 2024, 9:58 a.m.	Vulnerabilities: command injection, command execution

Affected products

External IDs

db:

NVD

ids:

CVE-2024-41992

CISA Warns of Three Vulnerabilities That Are Actively Exploited in the Wild Trust: 4.5 Fetched: Sept. 16, 2024, 8:19 p.m., Published: Sept. 10, 2024, 8:10 a.m.	Vulnerabilities: privilege escalation, improper access control, code execution...

Affected products

External IDs

vendor:	sonicwall	model:	sonicos
vendor:	imagemagick	model:	imagemagick

db:

NVD

ids:

CVE-2024-40766, CVE-2016-3714, CVE-2017-1000253

ServiceNow Vulnerabilities: CVE-2024-4789 and CVE-2024-5217 \| UpGuard Trust: 3.0 Fetched: Sept. 16, 2024, 8:19 p.m., Published: Sept. 8, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-4789, CVE-2024-5217

Zero-day vulnerability in Arcadyan WiFi devices allows RCE for root access - 5gantennas.org Trust: 4.5 Fetched: Sept. 16, 2024, 8:18 p.m., Published: Sept. 4, 2024, midnight	Vulnerabilities: command injection, command execution

Affected products

External IDs

db:

NVD

ids:

CVE-2024-41992

MOBOTIX vulnerability (CVE-2023-34873): Find impacted devices Trust: 5.0 Fetched: Sept. 16, 2024, 8:18 p.m., Published: Aug. 22, 2024, 2:26 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	mobotix	model:	ip camera
vendor:	mobotix	model:	mobotix ip camera

db:

NVD

ids:

CVE-2023-34873

CVE-2024-42057 - Exploits & Severity - Feedly Trust: 4.75 Fetched: Sept. 16, 2024, 8:09 p.m., Published: Sept. 3, 2024, midnight	Vulnerabilities: command injection, service disruption

Affected products

External IDs

db:

NVD

ids:

CVE-2024-42057

10 IoT Security Interview Questions and Answers - CLIMB Trust: 3.75 Fetched: Sept. 16, 2024, 8:09 p.m., Published: Sept. 9, 2024, 5:28 p.m.	Vulnerabilities: denial of service

Affected products	External IDs

CVE-2024-44549 - Tenda AX1806 Device Stack Overflow Vulnerability Related entries in the VARIoT vulnerabilities database: VAR-202408-2378 Trust: 3.0 Fetched: Sept. 16, 2024, 8:08 p.m., Published: Aug. 26, 2024, 4:15 p.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-44549

Critical Vulnerability CVE-2024-40766 in SonicWall Devices Exploited in the wild \| Cyber Incident Response Team - Government of Jamaica Trust: 4.5 Fetched: Sept. 16, 2024, 8:07 p.m., Published: May 16, 2024, midnight	Vulnerabilities: improper access control, access control vulnerability

Affected products

External IDs

vendor:	sonicwall	model:	soho
vendor:	sonicwall	model:	sonicos

db:

NVD

ids:

CVE-2024-40766, CVE-2024-406766

10 Vulnerability Scanning Interview Questions and Answers - CLIMB Trust: 3.5 Fetched: Sept. 16, 2024, 8:05 p.m., Published: Sept. 9, 2024, 5:27 p.m.	Vulnerabilities: session hijacking, sql injection, cross-site scripting

Affected products

External IDs

vendor:

ansible

model:

ansible

Cisco Identity Services Engine REST API Blind SQL Injection Vulnerabilities Trust: 5.0 Fetched: Sept. 16, 2024, 8:04 p.m., Published: Aug. 22, 2024, 3:15 p.m.	Vulnerabilities: sql injection

Affected products

External IDs

vendor:	cisco	model:	cisco identity services engine
vendor:	cisco	model:	identity services engine

Exploring Android threats and ways to mitigate them \| Unlocked 403 cybersecurity podcast (ep.5) Trust: 3.25 Fetched: Sept. 16, 2024, 7:58 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2023-45866

PoC Tool for Exploiting CVE-2024-7029 in AvTech Devices: Enabling RCE, Vulnerability Scanning, and Interactive Shell Trust: 4.75 Fetched: Sept. 16, 2024, 7:58 p.m., Published: Sept. 2, 2024, 5:11 p.m.	Vulnerabilities: authentication bypass, code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2024-7029

10 najlepszych praktyk bezpieczeństwa Internetu rzeczy (IoT) - GeeksforGeeks Trust: 3.5 Fetched: Sept. 16, 2024, 7:57 p.m., Published: April 30, 2024, 4:13 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

checkpoint

model:

endpoint security

CVE-2024-43913 nvme: apple: fix device reference counting - vulnerability database \| Vulners.com Trust: 3.25 Fetched: Sept. 16, 2024, 7:57 p.m., Published: Aug. 26, 2024, 10:11 a.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-43913

CVE-2024-29847 Deep Dive: Ivanti Endpoint Manager AgentPortal Deserialization of Untrusted Data Remote Code Execution Vulnerability - Security Boulevard Trust: 3.25 Fetched: Sept. 16, 2024, 7:56 p.m., Published: Sept. 13, 2024, 2:34 p.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2024-29847

CVE-2024-43913 - Apple NVMe Device Reference Count Leak Vulnerability Trust: 3.0 Fetched: Sept. 16, 2024, 7:54 p.m., Published: Aug. 26, 2024, 11:15 a.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-43913

Weekly IT Vulnerability Report: Cyble Researchers Find Nearly 1 Million Exposed Fortinet, SonicWall Devices - Cyble Related entries in the VARIoT vulnerabilities database: VAR-202212-1132, VAR-202210-0198 Trust: 5.25 Fetched: Sept. 16, 2024, 7:53 p.m., Published: Aug. 30, 2024, 1:20 p.m.	Vulnerabilities: privilege escalation, file upload vulnerability, improper access control...

Affected products

External IDs

vendor:	sonicwall	model:	remote access
vendor:	sonicwall	model:	sonicos
vendor:	freeipa	model:	freeipa

db:

NVD

ids:

CVE-2024-39717, CVE-2024-6633, CVE-2022-42475, CVE-2024-4577, CVE-2024-28000, CVE-2017-1000253, CVE-2024-3183, CVE-2022-40684, CVE-2024-40766, CVE-2024-31214, CVE-2024-38856, CVE-2016-3714, CVE-2024-38063, CVE-2023-27997, CVE-2024-24809, CVE-2024-28987

Cisco IOS XR Software Network Convergence System Denial of Service Vulnerability - Cisco Trust: 3.75 Fetched: Sept. 16, 2024, 7:52 p.m., Published: Sept. 11, 2024, 11:36 a.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	ios xr
vendor:	cisco	model:	ios xr software
vendor:	cisco	model:	network convergence system
vendor:	cisco	model:	cisco ios xr
vendor:	cisco	model:	cisco ios

VARIoT news about IoT security