VARIoT latest news about IoT security

ERROR: The request could not be satisfied Trust: 3.25 Fetched: Oct. 27, 2024, 9:44 a.m., Published: -	Vulnerabilities: configuration error

Affected products	External IDs

Okta Verify for iOS ContextExtension CVE-2024-10327 Trust: 3.75 Fetched: Oct. 27, 2024, 9:42 a.m., Published: Sept. 25, 2001, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

watch

db:

NVD

ids:

CVE-2024-10327

IoT Security: A Call to Action for Improved Vulnerability Disclosure Trust: 4.5 Fetched: Oct. 27, 2024, 9:42 a.m., Published: Oct. 11, 2024, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

huawei

model:

huawei

Vulnerabilities of Realtek SD card reader driver, part 1 \| ZwClose Trust: 3.75 Fetched: Oct. 27, 2024, 9:40 a.m., Published: Oct. 14, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

lenovo

model:

desktop

db:

NVD

ids:

CVE-2022-25476, CVE-2022-25477, CVE-2024-40431, CVE-2022-25478, CVE-2022-25479, CVE-2024-40432, CVE-2022-25480

Detecting Vulnerability Scanning Traffic From Underground Tools Using Machine Learning Trust: 3.25 Fetched: Oct. 27, 2024, 9:37 a.m., Published: Oct. 1, 2024, 10 a.m.	Vulnerabilities: injection attack, sql injection

Affected products

External IDs

vendor:	palo alto networks	model:	networks
vendor:	palo alto networks	model:	firewall
vendor:	palo	model:	networks
vendor:	palo	model:	firewall

Critical Security Alert: Vulnerabilities in Kieback&Peter DDC4000 Devices \| Windows Forum Trust: 4.75 Fetched: Oct. 27, 2024, 9:37 a.m., Published: May 27, 2024, midnight	Vulnerabilities: path traversal

Affected products

External IDs

db:

NVD

ids:

CVE-2024-41717, CVE-2024-43812, CVE-2024-43698

Critical Vulnerability in D-Link Devices Could Allow Remote Command Injection (CVE-2024-8211) \| SecurityVulnerability.io - SecuirtyVulnerability.io Related entries in the VARIoT vulnerabilities database: VAR-202408-2336 Trust: 5.75 Fetched: Oct. 27, 2024, 9:36 a.m., Published: -	Vulnerabilities: remote command injection, command injection

Affected products

External IDs

vendor:	d-link	model:	dns-325
vendor:	d-link	model:	dns-320lw
vendor:	d-link	model:	dns-327l
vendor:	d-link	model:	dns-345
vendor:	d-link	model:	dns-320l
vendor:	d-link	model:	dns-323
vendor:	d-link	model:	dnr-322l
vendor:	d-link	model:	dnr-326
vendor:	d-link	model:	dns-320
vendor:	d-link	model:	dns-340l

db:

NVD

ids:

CVE-2024-8211

IoT Devices and Their Potential Vulnerability to Modern Cyberattacks! Trust: 3.0 Fetched: Oct. 27, 2024, 9:29 a.m., Published: -	Vulnerabilities: -

Affected products	External IDs

Critical Warning For Samsung Users; Indian Government Flags High-Risk Security Issue - Tech Trust: 3.75 Fetched: Oct. 27, 2024, 9:24 a.m., Published: Oct. 25, 2024, 6:37 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	android
vendor:	samsung	model:	mobile
vendor:	samsung	model:	samsung mobile
vendor:	samsung	model:	samsung

db:

NVD

ids:

CVE-2024-44068

Security Bulletin: NVIDIA GPU Display Driver - October 2024 \| NVIDIA Trust: 4.25 Fetched: Oct. 27, 2024, 9:22 a.m., Published: Oct. 27, 2024, midnight	Vulnerabilities: denial of service, code execution, information disclosure

Affected products

External IDs

vendor:	citrix	model:	hypervisor
vendor:	citrix	model:	licensing

I2c Module Vulnerability in Linux Kernel Affects ACPI Devices (CVE-2024-45029) \| SecurityVulnerability.io - SecuirtyVulnerability.io Trust: 3.25 Fetched: Oct. 27, 2024, 9:22 a.m., Published: Sept. 11, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-45029

What is Internet of Things (IoT) Security? Trust: 3.0 Fetched: Oct. 27, 2024, 9:19 a.m., Published: Sept. 23, 2024, 6:26 a.m.	Vulnerabilities: -

Affected products	External IDs

Med Device Cybersecurity and Patient Harm - Blue Goat Cyber Trust: 3.0 Fetched: Oct. 27, 2024, 9:17 a.m., Published: Dec. 25, 2022, 5:45 p.m.	Vulnerabilities: -

Affected products	External IDs

Cisco Issues Urgent Fix for ASA and FTD Software Vulnerability Under Active Attack Trust: 4.75 Fetched: Oct. 27, 2024, 9:17 a.m., Published: Oct. 24, 2024, 12:41 p.m.	Vulnerabilities: resource exhaustion

Affected products

External IDs

vendor:	sonicwall	model:	remote access
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	firepower
vendor:	cisco	model:	series
vendor:	cisco	model:	firepower threat defense
vendor:	check point	model:	check point
vendor:	mikrotik	model:	mikrotik

db:

NVD

ids:

CVE-2024-20424, CVE-2024-20412, CVE-2024-20329, CVE-2024-20481

Lazarus Hackers Exploited Google Chrome Vulnerability To Infect Devices Trust: 3.5 Fetched: Oct. 25, 2024, 9:43 a.m., Published: Oct. 24, 2024, 3:47 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	google chrome
vendor:	google	model:	chrome

db:

NVD

ids:

CVE-2024-4947

CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094) Trust: 5.25 Fetched: Oct. 25, 2024, 9:42 a.m., Published: Oct. 23, 2024, 12:54 p.m.	Vulnerabilities: code execution, privilege escalation

Affected products

External IDs

vendor:	samsung	model:	samsung
vendor:	samsung	model:	mobile

db:

NVD

ids:

CVE-2024-38094, CVE-2024-44068

CVE-2024-20494 \| Tenable® Trust: 6.0 Fetched: Oct. 25, 2024, 9:42 a.m., Published: Oct. 1, 2024, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	device manager
vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	security device manager
vendor:	cisco	model:	adaptive security device manager
vendor:	cisco	model:	asa software
vendor:	cisco	model:	asdm
vendor:	cisco	model:	firepower
vendor:	cisco	model:	adaptive security appliance

db:

NVD

ids:

CVE-2024-20494

Samsung Use-After-Free Zero-day Vulnerability Exploited In The Wild Trust: 3.75 Fetched: Oct. 25, 2024, 9:42 a.m., Published: Oct. 23, 2024, 7:52 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	samsung	model:	samsung
vendor:	samsung	model:	mobile
vendor:	samsung	model:	exynos

db:

NVD

ids:

CVE-2024-44068

CVE-2024-20017 \| Ubiquiti Community Trust: 3.25 Fetched: Oct. 25, 2024, 9:33 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-20017

Vulnerability (CVE-2024-20017) - Technical Support for Routers - GL.iNet Trust: 3.25 Fetched: Oct. 25, 2024, 9:33 a.m., Published: Sept. 26, 2024, 12:38 p.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-20017

VARIoT news about IoT security