Sign-up

VARIoT news about IoT security

FDA Strengthens Cybersecurity Standards for International Medical Devices | Attract Group

Trust: 3.75

Fetched: Oct. 23, 2024, 9:52 a.m., Published: Oct. 9, 2024, 7:09 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security

Vulnerability Intelligence: Cyberattacks On Spring & IoT Devices

Trust: 5.0

Fetched: Oct. 23, 2024, 9:51 a.m., Published: Oct. 23, 2024, 8:05 a.m.
 Vulnerabilities: path traversal
Affected productsExternal IDs
vendor: treck model: tcp/ip stack
db: NVD ids: CVE-2020-11900, CVE-2024-7029, CVE-2024-36401, CVE-2020-11899, CVE-2024-4577, CVE-2024-38816

VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability

Trust: 5.25

Fetched: Oct. 23, 2024, 9:50 a.m., Published: Oct. 22, 2024, 7:03 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-38812

94 Vulnerability and protection of Android and iOS device - YouTube

Trust: 3.0

Fetched: Oct. 23, 2024, 9:48 a.m., Published: Oct. 21, 2024, 4:15 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Exploring Android Threats | Cybersecurity Podcast - YouTube

Trust: 3.0

Fetched: Oct. 23, 2024, 9:48 a.m., Published: July 30, 2024, 2:09 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Burning Zero Days: FortiJump FortiManager vulnerability used by nation state in espionage via MSPs | by Kevin Beaumont | Oct, 2024 | DoublePulsar

Trust: 3.0

Fetched: Oct. 23, 2024, 9:47 a.m., Published: Oct. 23, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs

Seven way Google incorporates Security by Design

Trust: 4.5

Fetched: Oct. 23, 2024, 9:46 a.m., Published: Oct. 22, 2024, midnight
 Vulnerabilities: cross-site scripting, sql injection
Affected productsExternal IDs
vendor: google model: android
vendor: google model: home
vendor: google model: chrome
vendor: google model: pixel

ERROR: The request could not be satisfied

Trust: 3.25

Fetched: Oct. 23, 2024, 9:45 a.m., Published: -
 Vulnerabilities: configuration error
Affected productsExternal IDs

TSMC told US of chip in Huawei device - Hardware - iTnews

Trust: 3.25

Fetched: Oct. 23, 2024, 9:45 a.m., Published: Nov. 14, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: huawei model: huawei

next.js - How to fix the vulnerability - "Regular Expression Denial of Service (ReDoS) in micromatch" - Stack Overflow

Trust: 4.0

Fetched: Oct. 23, 2024, 9:44 a.m., Published: Oct. 29, 2024, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs

CVE-2022-49011 - hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new() - SecAlerts

Trust: 3.25

Fetched: Oct. 23, 2024, 9:44 a.m., Published: Oct. 21, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-49011

Researcher Details 0-Day Flaw CVE-2024-44068 in Samsung Exynos Processors

Trust: 4.5

Fetched: Oct. 23, 2024, 9:43 a.m., Published: Oct. 23, 2024, 2:28 a.m.
 Vulnerabilities: improper memory management
Affected productsExternal IDs
vendor: samsung model: samsung
vendor: samsung model: exynos
db: NVD ids: CVE-2024-44068

Sciencelogic critical zero day remains unidentified despite in-the-wild exploitation

Trust: 4.0

Fetched: Oct. 23, 2024, 9:43 a.m., Published: Oct. 22, 2024, 12:02 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-9537

Akira ransomware continues to evolve

Related entries in the VARIoT vulnerabilities database: VAR-202005-0696, VAR-202403-2416

Trust: 4.25

Fetched: Oct. 23, 2024, 9:42 a.m., Published: Oct. 21, 2024, 4:50 p.m.
 Vulnerabilities: code execution, privilege escalation
Affected productsExternal IDs
vendor: clamav model: clamav
vendor: trend model: security
vendor: cisco model: firepower
vendor: cisco model: web security appliance
vendor: cisco model: guard
vendor: cisco model: cisco adaptive security appliance
vendor: cisco model: clamav
vendor: cisco model: anyconnect ssl vpn
vendor: cisco model: meraki mx
vendor: cisco model: adaptive security appliance
vendor: cisco model: firepower threat defense
vendor: cisco model: umbrella
vendor: trend micro model: security
vendor: snort.org model: snort
vendor: snort model: snort
vendor: sonicwall model: remote access
vendor: sonicwall model: ssl vpn
vendor: sonicwall model: email security
vendor: sonicwall model: sonicos
db: NVD ids: CVE-2020-3259, CVE-2023-20269, CVE-2024-40766, CVE-2024-40711, CVE-2023-20263, CVE-2024-37085, CVE-2023-48788, CVE-2023-27532

ERROR: The request could not be satisfied

Trust: 3.25

Fetched: Oct. 23, 2024, 9:42 a.m., Published: -
 Vulnerabilities: configuration error
Affected productsExternal IDs

FortiGate admins report active exploitation 0-day. Vendor isn’t talking. - Ars Technica

Trust: 4.0

Fetched: Oct. 23, 2024, 9:42 a.m., Published: Oct. 22, 2024, 7:49 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs

Mozilla Issues Emergency Patch for Critical Firefox Vulnerability

Trust: 3.75

Fetched: Oct. 23, 2024, 9:41 a.m., Published: Oct. 18, 2024, 11:42 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-9680

[RELEASE NOTES] VMware vCenter Server 7.0 Update 3t Release Notes

Trust: 3.25

Fetched: Oct. 23, 2024, 9:41 a.m., Published: Oct. 7, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-38812

Old devices, new dangers: The risks of unsupported IoT tech | ESET

Trust: 4.75

Fetched: Oct. 23, 2024, 9:38 a.m., Published: May 9, 2024, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: trend model: security

Cyble Sensors Detect Attacks On Java Framework, IoT Devices

Trust: 5.5

Fetched: Oct. 23, 2024, 9:35 a.m., Published: Oct. 22, 2024, 12:17 p.m.
 Vulnerabilities: brute force attack, path traversal
Affected productsExternal IDs
vendor: treck model: tcp/ip stack
vendor: cisco model: series
db: NVD ids: CVE-2020-11900, CVE-2024-7029, CVE-2024-36401, CVE-2020-11899, CVE-2024-4577, CVE-2024-38816