Sign-up

VARIoT news about IoT security

Exploitable bloatware puts millions of Google Pixel users at risk

Trust: 3.0

Fetched: Aug. 16, 2024, 10:03 a.m., Published: Aug. 9, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: pixel

Microsoft's AI Health Bot required patching for privilege vulnerability | Healthcare IT News

Trust: 5.0

Fetched: Aug. 16, 2024, 10:02 a.m., Published: Aug. 14, 2024, 7:15 p.m.
 Vulnerabilities: request forgery
Affected productsExternal IDs
db: NVD ids: CVE-2024-38098

Millions of Pixel devices can be hacked due to a pre-installed vulnerable app

Trust: 3.75

Fetched: Aug. 16, 2024, 10:02 a.m., Published: Aug. 16, 2024, 8:19 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: software update
vendor: google model: pixel
vendor: google model: android

Your Pixel Has a Dangerous Security Vulnerability Baked Into Its Firmware | Lifehacker

Trust: 3.5

Fetched: Aug. 16, 2024, 10:01 a.m., Published: Aug. 15, 2024, 10 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: software update
vendor: apple model: iphone
vendor: google model: pixel
vendor: google model: android

Millions of Google Pixels have shipped with a major security flaw

Trust: 3.75

Fetched: Aug. 16, 2024, 9:59 a.m., Published: Aug. 15, 2024, 9:37 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: watch
vendor: apple model: software update
vendor: google model: pixel
vendor: google model: android

About the security content of AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8 - Apple Support

Trust: 5.0

Fetched: Aug. 16, 2024, 9:59 a.m., Published: June 25, 2024, midnight
 Vulnerabilities: authentication issue
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: ipad
db: NVD ids: CVE-2024-27867

[no-title]

Trust: 5.5

Fetched: Aug. 16, 2024, 9:58 a.m., Published: -
 Vulnerabilities: memory corruption, code execution
Affected productsExternal IDs
vendor: sonos model: sonos
db: NVD ids: CVE-2023-50810, CVE-2024-20018

Ivanti Sentry Vulnerability Analysis & Insights| Darktrace | Darktrace Blog

Trust: 4.25

Fetched: Aug. 16, 2024, 9:57 a.m., Published: Jan. 1, 2024, midnight
 Vulnerabilities: authentication bypass, code execution
Affected productsExternal IDs
vendor: mobileiron model: mobileiron sentry
vendor: mobileiron model: sentry
db: NVD ids: CVE-2023-35078, CVE-2023-35081, CVE-2023-38035

A Look at the Riskiest Connected Devices of 2024

Trust: 3.5

Fetched: Aug. 16, 2024, 9:54 a.m., Published: Aug. 16, 2024, midnight
 Vulnerabilities: default credentials
Affected productsExternal IDs

Update now! Google Pixel vulnerability is under active exploitation | Malwarebytes

Trust: 3.75

Fetched: Aug. 16, 2024, 9:54 a.m., Published: June 13, 2024, 1:33 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android
db: NVD ids: CVE-2024-32896

Report: Google Pixel phones sold with hidden surveillance software - The Verge

Trust: 3.75

Fetched: Aug. 16, 2024, 9:48 a.m., Published: Aug. 15, 2024, 5:12 p.m.
 Vulnerabilities: code injection
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android

Google Qualcomm Vulnerability: Risks And Implications For Android Devices | Mobile Telco

Trust: 3.0

Fetched: Aug. 16, 2024, 9:46 a.m., Published: Aug. 12, 2024, 6:34 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Your Phone's 5G Connection Is Vulnerable to Bypass, DoS Attacks

Trust: 3.0

Fetched: Aug. 16, 2024, 9:46 a.m., Published: Aug. 5, 2024, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs

Microsoft Discovers Critical OpenVPN Vulnerabilities

Trust: 3.5

Fetched: Aug. 16, 2024, 9:45 a.m., Published: Aug. 14, 2024, 9:03 p.m.
 Vulnerabilities: code execution, privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2024-27459, CVE-2024-1305, CVE-2024-27903, CVE-2024-24974

Security Vulnerabilities: Wired Networks vs. Wireless Networks

Trust: 3.25

Fetched: Aug. 16, 2024, 9:43 a.m., Published: Aug. 3, 2024, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs

Vulnerability In EOL D-Link DIR-859 Routers Exploited

Related entries in the VARIoT vulnerabilities database: VAR-202401-0919

Trust: 4.75

Fetched: Aug. 16, 2024, 9:43 a.m., Published: July 2, 2024, 12:59 a.m.
 Vulnerabilities: path traversal, information disclosure
Affected productsExternal IDs
vendor: d-link model: dir-859
vendor: d-link model: router
db: NVD ids: CVE-2024-0769

CERT-EU - Multiple Vulnerabilities in Git

Trust: 4.0

Fetched: Aug. 16, 2024, 9:42 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-32465, CVE-2024-32004, CVE-2024-32002

How to Exploit Critical Vulnerability in Palo Alto Devices

Trust: 5.25

Fetched: Aug. 16, 2024, 9:41 a.m., Published: -
 Vulnerabilities: command injection, file creation vulnerability, code execution...
Affected productsExternal IDs
vendor: palo model: pan-os
vendor: palo model: firewall
vendor: palo model: networks
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: firewall
vendor: palo alto networks model: networks
db: NVD ids: CVE-2024-3400

Update now! Google Pixel vulnerability is under active exploitation | Malwarebytes

Trust: 3.75

Fetched: Aug. 16, 2024, 9:34 a.m., Published: June 13, 2024, 1:33 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android
db: NVD ids: CVE-2024-32896

Check Point Security Gateway Information Disclosure Vulnerability (CVE-2024-24919) | Qualys Security Blog

Trust: 4.75

Fetched: Aug. 16, 2024, 9:34 a.m., Published: June 7, 2024, 11:10 p.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs
vendor: check point model: check point
vendor: check point model: quantum security gateway
vendor: check point model: security gateway
db: NVD ids: CVE-2024-24919