Sign-up

VARIoT news about IoT security

Most Common Wireless Network Vulnerabilities To Watch For

Trust: 3.75

Fetched: June 18, 2024, 9:05 a.m., Published: May 18, 2024, midnight
 Vulnerabilities: weak password
Affected productsExternal IDs

Akira Ransomware Elevates Privilege To Exfiltrate NTDS.dit File

Trust: 4.75

Fetched: June 16, 2024, 10:16 a.m., Published: May 20, 2024, 1:05 p.m.
 Vulnerabilities: privilege escalation, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-21972

CVE-2024-29824 Deep Dive: Ivanti EPM SQL Injection Remote Code Execution Vulnerability - Security Boulevard

Trust: 3.5

Fetched: June 16, 2024, 10:10 a.m., Published: June 12, 2024, 2:27 p.m.
 Vulnerabilities: code execution, sql injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-29824

Forescout Report 2024 Identifies Risks In Connected Devices | Security News

Trust: 3.75

Fetched: June 16, 2024, 10:10 a.m., Published: -
 Vulnerabilities: default credentials
Affected productsExternal IDs

Muhstik Malware Attacking Apache RocketMQ Platform To Execute Remote Code

Trust: 4.25

Fetched: June 16, 2024, 10:09 a.m., Published: June 7, 2024, 12:47 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2023-33246

Zyxel NAS Devices’ EoL Models Patched for Critical Code Execution Vulnerabilities: CVE-2024-29972, CVE-2024-29973, CVE-2024-29974 - TQT Group

Trust: 4.25

Fetched: June 16, 2024, 10:09 a.m., Published: June 5, 2024, 10:56 a.m.
 Vulnerabilities: command execution, command injection, code execution
Affected productsExternal IDs
vendor: zyxel model: nas326
vendor: zyxel model: nas542
db: NVD ids: CVE-2024-29976, CVE-2024-29975, CVE-2024-29974, CVE-2024-29972, CVE-2024-29973

Spring Cloud Data Flow Let Attackers Compromise The Server

Trust: 3.25

Fetched: June 16, 2024, 10:08 a.m., Published: May 30, 2024, 11:27 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-22263

Critical wpDataTable Vulnerability - Attackers Perform SQL Injection

Trust: 3.0

Fetched: June 16, 2024, 10:06 a.m., Published: June 3, 2024, 7:47 a.m.
 Vulnerabilities: sql injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-3820

The impact of legacy vulnerabilities in today's cybersecurity landscape | TechRadar

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-201906-0815, VAR-201404-0592

Trust: 3.5

Fetched: June 16, 2024, 10:06 a.m., Published: June 4, 2024, 5:42 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
vendor: sonicwall model: ssl vpn
db: NVD ids: CVE-2021-21975, CVE-2021-44228, CVE-2018-13379, CVE-2014-0160, CVE-2021-26085

CVE-2024-24789 vulnerabilities - vulnerability database | Vulners.com

Trust: 3.75

Fetched: June 16, 2024, 10:05 a.m., Published: June 16, 2024, 9:08 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: nats model: server
vendor: couchbase model: server
db: NVD ids: CVE-2024-24789

Vulnerability Recap 6/3/24: Check Point, Fortinet & Okta

Trust: 4.25

Fetched: June 16, 2024, 10:05 a.m., Published: June 3, 2024, 10 p.m.
 Vulnerabilities: command injection, information disclosure, os command injection...
Affected productsExternal IDs
vendor: palo model: networks
vendor: palo model: pan-os
vendor: check point model: security gateway
vendor: check point model: check point vpn
vendor: check point model: check point
db: NVD ids: CVE-2024-23108, CVE-2024-3400, CVE-2024-1086, CVE-2024-24919

Hackers Created Rogue VMs in Recent MITRE’s Cyber Attack

Trust: 4.0

Fetched: June 16, 2024, 10:04 a.m., Published: May 27, 2024, 3:28 a.m.
 Vulnerabilities: session hijacking
Affected productsExternal IDs
db: NVD ids: CVE-2024-21887, CVE-2023-46805

Network Security Testing: Tools and Methodologies

Trust: 4.5

Fetched: June 16, 2024, 10:03 a.m., Published: May 16, 2024, midnight
 Vulnerabilities: cross-site scripting, sql injection
Affected productsExternal IDs
vendor: paessler model: prtg network monitor

Millions of Google Chrome users must update app now after 'high' level bug is discovered | The Sun

Trust: 3.75

Fetched: June 16, 2024, 9:59 a.m., Published: May 26, 2024, 8:24 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: iphone
vendor: google model: chrome
vendor: google model: google chrome
db: NVD ids: CVE-2024-0519, CVE-2024-4947, CVE-2024-5274, CVE-2024-2886, CVE-2024-3159, CVE-2024-2887, CVE-2024-4671, CVE-2024-4761

Vulnerability Summary for the Week of June 3, 2024 | CISA

Trust: 4.25

Fetched: June 16, 2024, 9:51 a.m., Published: June 3, 2024, midnight
 Vulnerabilities: memory corruption, code injection, input validation vulnerability...
Affected productsExternal IDs
vendor: perl model: perl
vendor: delegate model: delegate
vendor: samsung model: exynos
vendor: samsung model: mobile devices
vendor: samsung model: note
vendor: samsung model: gallery
vendor: samsung model: mobile
vendor: samsung model: samsung mobile
vendor: jquery model: jquery
vendor: canonical model: ubuntu
vendor: cisco model: finesse
vendor: cisco model: information server
vendor: cisco model: download manager
vendor: cisco model: cisco finesse
vendor: cisco model: cisco unified contact center enterprise
vendor: cisco model: unified contact center enterprise
db: NVD ids: CVE-2024-4608, CVE-2024-0910, CVE-2024-5590, CVE-2024-422013061848, CVE-2024-27373, CVE-2024-34803, CVE-2024-35653, CVE-2024-37162, CVE-2024-1161, CVE-2023-48753, CVE-2024-35655, CVE-2024-23326, CVE-2024-35641, CVE-2023-40673, CVE-2024-30525, CVE-2024-35668, CVE-2024-5771, CVE-2024-35670, CVE-2023-6956, CVE-2024-35673, CVE-2024-27370, CVE-2024-34795, CVE-2023-48789, CVE-2024-35684, CVE-2024-23793, CVE-2024-5224, CVE-2024-4821, CVE-2024-30889, CVE-2024-5001, CVE-2024-4013, CVE-2024-5629, CVE-2024-35755, CVE-2024-5006, CVE-2024-2017, CVE-2024-0756, CVE-2024-2087, CVE-2024-20882, CVE-2024-35664, CVE-2024-4489, CVE-2024-20885, CVE-2024-5141, CVE-2024-5645, CVE-2024-4042, CVE-2024-34770, CVE-2024-5449, CVE-2024-35698, CVE-2024-20873, CVE-2024-30528, CVE-2023-26521, CVE-2023-47663, CVE-2024-36123, CVE-2024-4637, CVE-2024-1717, CVE-2024-35704, CVE-2024-35708, CVE-2024-34796, CVE-2024-34362, CVE-2024-35738, CVE-2024-31493, CVE-2024-28818, CVE-2024-3716, CVE-2024-34767, CVE-2023-49852, CVE-2024-27378, CVE-2024-5613, CVE-2024-30484, CVE-2023-43543, CVE-2023-5424, CVE-2024-27377, CVE-2024-1940, CVE-2024-29152, CVE-2024-27380, CVE-2024-4812, CVE-2024-34766, CVE-2024-35674, CVE-2024-34801, CVE-2024-35654, CVE-2024-5770, CVE-2024-36121, CVE-2024-5612, CVE-2024-21478, CVE-2024-31958, CVE-2024-34764, CVE-2023-27460, CVE-2024-27374, CVE-2024-5571, CVE-2023-37865, CVE-2024-35681, CVE-2024-22326, CVE-2024-23669, CVE-2023-45009, CVE-2024-4788, CVE-2024-5222, CVE-2024-35756, CVE-2023-48290, CVE-2024-21748, CVE-2024-5425, CVE-2024-56581, CVE-2024-20881, CVE-2024-5654, CVE-2024-37364, CVE-2024-20883, CVE-2024-5342, CVE-2024-35632, CVE-2024-34790, CVE-2024-35713, CVE-2024-35642, CVE-2023-52176, CVE-2024-34364, CVE-2024-32464, CVE-2024-27381, CVE-2024-4458, CVE-2024-35688, CVE-2024-1175, CVE-2024-23664, CVE-2024-35731, CVE-2024-5453, CVE-2024-35633, CVE-2023-28492, CVE-2024-35634, CVE-2024-35691, CVE-2023-6876, CVE-2024-5259, CVE-2024-5684, CVE-2024-4661, CVE-2024-35699, CVE-2024-1689, CVE-2024-35639, CVE-2024-20875, CVE-2024-36106, CVE-2024-35657, CVE-2024-5038, CVE-2023-48745, CVE-2024-35751, CVE-2024-35637, CVE-2024-4468, CVE-2024-3667, CVE-2024-33541, CVE-2024-5481, CVE-2023-43544, CVE-2024-20884, CVE-2023-46310, CVE-2024-35643, CVE-2024-35652, CVE-2024-3469, CVE-2023-6491, CVE-2024-5439, CVE-2024-37152, CVE-2024-4939, CVE-2024-35695, CVE-2023-41134, CVE-2023-49774, CVE-2024-27375, CVE-2024-5221, CVE-2024-2368, CVE-2024-35705, CVE-2024-20886, CVE-2024-4488, CVE-2024-5640, CVE-2024-4705, CVE-2024-35707, CVE-2024-35702, CVE-2024-5459, CVE-2023-34001, CVE-2024-35740, CVE-2023-45053, CVE-2024-37160, CVE-2023-47189, CVE-2024-34797, CVE-2024-32975, CVE-2024-35635, CVE-2023-38520, CVE-2024-35739, CVE-2024-4274, CVE-2023-43537, CVE-2024-4451, CVE-2024-5734, CVE-2024-4462, CVE-2023-28494, CVE-2024-35782, CVE-2024-5758, CVE-2024-4697, CVE-2024-34798, CVE-2023-51544, CVE-2024-35675, CVE-2024-36124, CVE-2024-27372, CVE-2024-5673, CVE-2024-32974, CVE-2024-5489, CVE-2023-49927, CVE-2024-3031, CVE-2024-5382, CVE-2024-4707, CVE-2024-421913061848, CVE-2024-20405, CVE-2023-40557, CVE-2024-20887, CVE-2024-31878, CVE-2024-5615, CVE-2023-23730, CVE-2024-5162, CVE-2024-5635, CVE-2024-4001, CVE-2024-4088, CVE-2024-1272, CVE-2024-4942, CVE-2024-3888, CVE-2024-5656, CVE-2024-27382, CVE-2024-5607, CVE-2023-40332, CVE-2024-5663, CVE-2024-35638, CVE-2023-43545, CVE-2024-34769, CVE-2024-1988, CVE-2024-35753, CVE-2023-45635, CVE-2023-45707, CVE-2024-5152, CVE-2024-4581, CVE-2024-1718, CVE-2024-35714, CVE-2024-35752, CVE-2024-5485, CVE-2024-5536, CVE-2024-5483, CVE-2023-51667, CVE-2023-44235, CVE-2023-39161, CVE-2023-48747, CVE-2024-4354, CVE-2024-5665, CVE-2024-23665, CVE-2023-48285, CVE-2024-34789, CVE-2024-35649, CVE-2023-26523, CVE-2024-3987, CVE-2024-35651, CVE-2023-48271, CVE-2024-3230, CVE-2024-37163, CVE-2024-35640, CVE-2024-34791, CVE-2024-5188, CVE-2024-5161, CVE-2024-4364, CVE-2024-20879, CVE-2023-48276, CVE-2023-23735, CVE-2024-37156, CVE-2024-35711, CVE-2024-34759, CVE-2024-27379, CVE-2024-2922, CVE-2024-35659, CVE-2024-5317, CVE-2024-35703, CVE-2024-1768, CVE-2023-51542, CVE-2024-5149, CVE-2024-5463, CVE-2023-47513, CVE-2024-35689, CVE-2024-35715, CVE-2024-34754, CVE-2024-5087, CVE-2024-4194, CVE-2024-23107, CVE-2024-4273, CVE-2023-51511, CVE-2024-0972, CVE-2024-35682, CVE-2024-2350, CVE-2023-23738, CVE-2024-4212, CVE-2024-34793, CVE-2024-5636, CVE-2024-35709, CVE-2024-34384, CVE-2024-29004, CVE-2023-48318, CVE-2024-28103, CVE-2022-4968, CVE-2024-35719, CVE-2024-35701, CVE-2024-2382, CVE-2024-34385, CVE-2024-4459, CVE-2024-5184, CVE-2024-35710, CVE-2024-27371, CVE-2024-20876, CVE-2024-5438, CVE-2024-4703, CVE-2024-35666, CVE-2024-22151, CVE-2024-34765, CVE-2024-20880, CVE-2024-27376, CVE-2024-1164, CVE-2024-5589, CVE-2024-35732, CVE-2024-5638, CVE-2023-51543, CVE-2024-35676, CVE-2024-37154, CVE-2024-5426, CVE-2024-4997

Apple Vision Pro at risk! Govt. issues high-severity alert against vulnerabilities: How to protect your device | Mint

Trust: 3.75

Fetched: June 16, 2024, 9:50 a.m., Published: June 14, 2024, midnight
 Vulnerabilities: denial of service, memory corruption
Affected productsExternal IDs
vendor: apple model: webkit

Re: Vulnerability within photoshop - Adobe Community - 14681733

Trust: 3.0

Fetched: June 16, 2024, 9:45 a.m., Published: June 14, 2024, 4:24 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2018-18284

CVE-2023-3938 Bypassing ZkTeco-based OEM devices/ZKTeco biom... - vulnerability database | Vulners.com

Trust: 5.0

Fetched: June 16, 2024, 9:43 a.m., Published: May 21, 2024, 9:32 a.m.
 Vulnerabilities: sql injection
Affected productsExternal IDs
db: NVD ids: CVE-2023-3938

Zyxel Releases Patches for Firmware Vulnerabilities in EoL N... - vulnerability database | Vulners.com

Trust: 4.5

Fetched: June 16, 2024, 9:42 a.m., Published: June 5, 2024, 7:10 a.m.
 Vulnerabilities: privilege escalation, privilege management vulnerability, command injection...
Affected productsExternal IDs
vendor: zyxel model: nas326
vendor: zyxel model: nas542
db: NVD ids: CVE-2024-29976, CVE-2024-29975, CVE-2024-29974, CVE-2024-29972, CVE-2024-29973

linux, linux-gcp, linux-gcp-6.5, linux-lowlatency, linux-low... - vulnerability database | Vulners.com

Trust: 4.75

Fetched: June 16, 2024, 9:42 a.m., Published: June 7, 2024, 8:18 p.m.
 Vulnerabilities: denial of service, pointer dereference vulnerability, system crash
Affected productsExternal IDs
db: NVD ids: CVE-2023-52587, CVE-2024-26585, CVE-2023-52627, CVE-2023-52697, CVE-2024-26634, CVE-2023-52612, CVE-2023-52686, CVE-2024-26671, CVE-2024-26610, CVE-2024-26645, CVE-2023-52696, CVE-2023-52444, CVE-2024-26586, CVE-2023-52491, CVE-2023-52679, CVE-2023-6535, CVE-2023-52486, CVE-2023-52443, CVE-2023-52692, CVE-2023-52677, CVE-2023-52457, CVE-2023-52619, CVE-2023-52675, CVE-2023-6356, CVE-2023-52676, CVE-2024-26595, CVE-2024-26607, CVE-2023-52497, CVE-2023-52468, CVE-2024-26627, CVE-2024-26638, CVE-2023-52621, CVE-2023-52469, CVE-2023-52455, CVE-2024-26620, CVE-2023-52674, CVE-2023-52447, CVE-2023-52472, CVE-2023-52690, CVE-2023-52470, CVE-2023-52681, CVE-2023-52450, CVE-2023-52583, CVE-2023-52608, CVE-2024-26633, CVE-2023-52448, CVE-2023-52685, CVE-2024-26608, CVE-2024-26616, CVE-2023-52456, CVE-2023-52458, CVE-2024-35835, CVE-2024-26646, CVE-2023-52593, CVE-2023-52617, CVE-2023-52633, CVE-2023-52453, CVE-2023-52618, CVE-2023-52694, CVE-2024-26669, CVE-2024-35839, CVE-2023-52666, CVE-2023-6536, CVE-2024-26583, CVE-2023-52664, CVE-2024-26647, CVE-2023-52465, CVE-2023-52614, CVE-2023-52584, CVE-2023-52669, CVE-2023-52462, CVE-2023-52489, CVE-2024-26641, CVE-2024-26631, CVE-2023-52594, CVE-2023-52687, CVE-2023-52610, CVE-2024-35841, CVE-2023-52498, CVE-2024-26673, CVE-2023-52452, CVE-2024-26649, CVE-2023-52494, CVE-2023-52588, CVE-2024-35842, CVE-2023-52449, CVE-2023-52698, CVE-2023-52451, CVE-2023-52622, CVE-2023-52682, CVE-2024-26625, CVE-2024-26623, CVE-2023-52693, CVE-2024-26632, CVE-2023-52446, CVE-2024-24860, CVE-2024-26582, CVE-2024-26636, CVE-2023-52683, CVE-2024-26640, CVE-2023-52487, CVE-2023-52672, CVE-2023-52667, CVE-2024-23849, CVE-2023-52670, CVE-2024-26615, CVE-2024-35840, CVE-2023-52598, CVE-2023-52626, CVE-2024-26629, CVE-2023-52493, CVE-2024-35837, CVE-2023-52488, CVE-2023-52609, CVE-2024-26670, CVE-2023-52473, CVE-2024-26592, CVE-2023-52623, CVE-2024-26598, CVE-2023-52635, CVE-2023-52589, CVE-2023-52463, CVE-2023-52678, CVE-2024-26618, CVE-2023-52611, CVE-2024-26612, CVE-2024-26668, CVE-2023-52490, CVE-2023-52607, CVE-2024-26808, CVE-2024-26644, CVE-2023-52454, CVE-2024-26584, CVE-2023-52445, CVE-2023-52606, CVE-2023-52467, CVE-2023-52599, CVE-2023-52495, CVE-2023-52591, CVE-2023-52595, CVE-2023-52691, CVE-2023-52597, CVE-2023-52492, CVE-2023-52632, CVE-2023-52464, CVE-2024-35838, CVE-2023-52616, CVE-2024-26594, CVE-2023-52680, CVE-2024-21823