Sign-up

VARIoT news about IoT security

CVE-2024-7357 - D-Link DIR-600 Remote SOAPCGI os Command Injection Vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-202408-0139

Trust: 5.5

Fetched: Aug. 16, 2024, 10:19 a.m., Published: Aug. 1, 2024, 1:15 p.m.
 Vulnerabilities: command injection, os command injection
Affected productsExternal IDs
vendor: dlink model: dir-600
vendor: d-link model: dir-600
db: NVD ids: CVE-2024-7357

CVE-2024-41978 - Siemens RUGGEDCOM and SCALANCE Device 2FA Token Forgery Vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-202408-0002

Trust: 3.5

Fetched: Aug. 16, 2024, 10:18 a.m., Published: Aug. 13, 2024, 8:15 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: ruggedcom
vendor: siemens model: scalance s615
vendor: siemens model: ruggedcom rm1224
vendor: siemens model: scalance
db: NVD ids: CVE-2024-41978

Open Source Firewall pfsense Vulnerable to Remote Code Execution Attacks

Trust: 5.0

Fetched: Aug. 16, 2024, 10:18 a.m., Published: Aug. 9, 2024, 1:33 p.m.
 Vulnerabilities: code execution, default credentials
Affected productsExternal IDs
vendor: pfsense model: pfsense
db: NVD ids: CVE-2022-31814

CVE-2024-5916 PAN-OS: Cleartext Exposure of External System Secrets

Trust: 4.75

Fetched: Aug. 16, 2024, 10:17 a.m., Published: Aug. 14, 2024, 4 p.m.
 Vulnerabilities: information exposure
Affected productsExternal IDs
vendor: palo model: pan-os
vendor: palo model: networks
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: networks
db: NVD ids: CVE-2024-5916

Threat Advisory: CVE-2024-38063 - Windows TCP/IP Remote Code Execution Vulnerability

Trust: 4.0

Fetched: Aug. 16, 2024, 10:16 a.m., Published: Aug. 16, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-38063

CVE-2024-3913 - D-Link Embedded Device File Write Vulnerability

Trust: 3.0

Fetched: Aug. 16, 2024, 10:14 a.m., Published: Aug. 13, 2024, 1:15 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-3913

CVE-2024-3913 - D-Link Embedded Device File Write Vulnerability

Trust: 3.0

Fetched: Aug. 16, 2024, 10:14 a.m., Published: Aug. 13, 2024, 1:15 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-3913

Android vulnerability discovered affecting millions of Pixel devices worldwide - GIGAZINE

Trust: 4.5

Fetched: Aug. 16, 2024, 10:11 a.m., Published: Aug. 16, 2024, 11:23 a.m.
 Vulnerabilities: code injection, code execution
Affected productsExternal IDs
vendor: essential model: phone
vendor: google model: pixel
vendor: google model: android

Report: Google Pixel phones sold with hidden surveillance software - The Verge

Trust: 3.75

Fetched: Aug. 16, 2024, 10:10 a.m., Published: Aug. 15, 2024, 5:12 p.m.
 Vulnerabilities: code injection
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android

Your Pixel Has a Dangerous Security Vulnerability Baked Into Its Firmware

Trust: 3.5

Fetched: Aug. 16, 2024, 10:09 a.m., Published: Aug. 15, 2024, 10:01 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: software update
vendor: apple model: iphone
vendor: google model: pixel
vendor: google model: android

IoT Security: A Call to Action for Improved Vulnerability Disclosure

Trust: 4.5

Fetched: Aug. 16, 2024, 10:08 a.m., Published: Aug. 11, 2024, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: huawei model: huawei

Microsoft patches CVE-2024-38063 IPv6 RCE vulnerability • The Register

Trust: 5.75

Fetched: Aug. 16, 2024, 10:07 a.m., Published: -
 Vulnerabilities: cross-site scripting, code execution, memory corruption...
Affected productsExternal IDs
vendor: ahnlab model: engine
db: NVD ids: CVE-2024-38166, CVE-2024-38107, CVE-2024-38199, CVE-2024-38193, CVE-2024-38200, CVE-2024-38189, CVE-2024-38106, CVE-2024-21302, CVE-2024-38202, CVE-2024-38160, CVE-2024-38140, CVE-2024-38109, CVE-2024-38178, CVE-2024-38213, CVE-2024-41730, CVE-2024-38159, CVE-2024-38206, CVE-2024-38063

CVE-2024-6387 - Openssh vulnerability - Jamf Nation Community - 319302

Trust: 4.25

Fetched: Aug. 16, 2024, 10:07 a.m., Published: July 2, 2024, 8:25 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2024-6387

New Windows vulnerability could repeatedly trigger the blue screen of death on millions of devices | ITPro

Trust: 3.0

Fetched: Aug. 16, 2024, 10:06 a.m., Published: Aug. 12, 2024, 6 p.m.
 Vulnerabilities: code execution, system crash, privilege escalation...
Affected productsExternal IDs
db: NVD ids: CVE-2024-6768

How Mathematics Keeps Your IoT Device Safe

Trust: 3.5

Fetched: Aug. 16, 2024, 10:05 a.m., Published: Aug. 15, 2024, 1 p.m.
 Vulnerabilities: system crash
Affected productsExternal IDs
vendor: trend model: security
vendor: dram model: dram

Google Pixel affected by long-time vulnerability from 2017

Trust: 4.75

Fetched: Aug. 16, 2024, 10:04 a.m., Published: Aug. 16, 2017, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: software update
vendor: apple model: iphone
vendor: apple model: ipad
vendor: google model: pixel
vendor: google model: android

Google Pixel Phones Have Major Security Loophole - channelnews

Trust: 3.75

Fetched: Aug. 16, 2024, 10:03 a.m., Published: Aug. 16, 2024, midnight
 Vulnerabilities: code injection
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android

Exploitable bloatware puts millions of Google Pixel users at risk

Trust: 3.0

Fetched: Aug. 16, 2024, 10:03 a.m., Published: Aug. 9, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: pixel

Microsoft's AI Health Bot required patching for privilege vulnerability | Healthcare IT News

Trust: 5.0

Fetched: Aug. 16, 2024, 10:02 a.m., Published: Aug. 14, 2024, 7:15 p.m.
 Vulnerabilities: request forgery
Affected productsExternal IDs
db: NVD ids: CVE-2024-38098

Millions of Pixel devices can be hacked due to a pre-installed vulnerable app

Trust: 3.75

Fetched: Aug. 16, 2024, 10:02 a.m., Published: Aug. 16, 2024, 8:19 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: software update
vendor: google model: pixel
vendor: google model: android