Sign-up

VARIoT news about IoT security

IoT needs more respect for its consumers, creations, and itself - Help Net Security

Trust: 3.0

Fetched: Nov. 1, 2024, 9:57 a.m., Published: Oct. 30, 2024, 12:57 p.m.
 Vulnerabilities: -
Affected productsExternal IDs

Security Update: Critical CUPS Vulnerability - Blog Detectify

Trust: 4.75

Fetched: Nov. 1, 2024, 9:55 a.m., Published: Sept. 27, 2024, 11:08 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cups model: cups
db: NVD ids: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, CVE-2024-47177

Cracking the Core: Hardware Vulnerabilities in Android Devices Unveiled

Trust: 4.25

Fetched: Nov. 1, 2024, 9:53 a.m., Published: Jan. 1, 2024, midnight
 Vulnerabilities: information disclosure, improper memory management, buffer overflow...
Affected productsExternal IDs
vendor: hak5 model: wifi pineapple
vendor: google model: wifi
vendor: google model: android
db: NVD ids: CVE-2016-2454

Forescout Research reveals 162 vulnerabilities in connected medical devices, elevating risks to patient data and safety - Industrial Cyber

Trust: 4.25

Fetched: Nov. 1, 2024, 9:52 a.m., Published: Oct. 30, 2024, 1:02 p.m.
 Vulnerabilities: denial of service, information disclosure, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2017-0143

Rockwell Automation Devices Vulnerable to Unauthorized Entry - Teach Read Online

Trust: 4.75

Fetched: Nov. 1, 2024, 9:51 a.m., Published: Aug. 5, 2024, 8:05 a.m.
 Vulnerabilities: security bypass
Affected productsExternal IDs
vendor: rockwell model: 1756-en2f series c
vendor: rockwell model: controllogix 5580
vendor: rockwell model: 1756-en2tr series
vendor: rockwell model: 1756-en2tr series c
vendor: rockwell model: controllogix
vendor: rockwell model: 1756-en3tr series
vendor: rockwell model: automation controllogix
vendor: rockwell model: 1756-en2t series
vendor: rockwell model: controllogix controller
vendor: rockwell model: 1756-en2f series
vendor: rockwell model: 1756-en3tr series b
vendor: rockwell model: guardlogix
vendor: rockwell automation model: 1756-en2f series c
vendor: rockwell automation model: controllogix 5580
vendor: rockwell automation model: 1756-en2tr series
vendor: rockwell automation model: 1756-en2tr series c
vendor: rockwell automation model: controllogix
vendor: rockwell automation model: 1756-en3tr series
vendor: rockwell automation model: automation controllogix
vendor: rockwell automation model: 1756-en2t series
vendor: rockwell automation model: controllogix controller
vendor: rockwell automation model: 1756-en2f series
vendor: rockwell automation model: 1756-en3tr series b
vendor: rockwell automation model: guardlogix
db: NVD ids: CVE-2024-6242

Detailed Analysis and Mitigation Strategies for CVE-2024-45615 in Red Hat Products

Trust: 4.0

Fetched: Nov. 1, 2024, 9:50 a.m., Published: Nov. 7, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: opensc model: opensc
db: NVD ids: CVE-2024-45615

CVE-2024-7849: D-Link Buffer Overflow Vulnerability in Unsupported NAS Devices

Trust: 5.25

Fetched: Nov. 1, 2024, 9:50 a.m., Published: -
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2024-7849

System BIOS komputera Dell Latitude 7400 2 w 1 | Szczegóły sterownika | Dell Polska

Trust: 3.0

Fetched: Nov. 1, 2024, 9:50 a.m., Published: Feb. 1, 7400, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: latitude
vendor: dell model: bios

System BIOS komputera Dell Latitude 9440 2 w 1 | Szczegóły sterownika | Dell Polska

Trust: 3.0

Fetched: Nov. 1, 2024, 9:49 a.m., Published: Feb. 1, 9440, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: latitude
vendor: dell model: bios

Microsoft Copilot Fixes ASCII Smuggling Vulnerability

Trust: 3.0

Fetched: Nov. 1, 2024, 9:49 a.m., Published: Nov. 19, 2024, midnight
 Vulnerabilities: injection attack
Affected productsExternal IDs

Researchers Uncover Vulnerabilities in Open-Source AI and ML Models

Trust: 4.75

Fetched: Nov. 1, 2024, 9:48 a.m., Published: Oct. 29, 2024, 1 p.m.
 Vulnerabilities: file overwrite bug, timing attack, improper access control...
Affected productsExternal IDs
db: NVD ids: CVE-2024-7474, CVE-2024-7010, CVE-2024-0129, CVE-2024-8396, CVE-2024-7475, CVE-2024-7473, CVE-2024-5982, CVE-2024-6983

About the security content of iOS 18.1 and iPadOS 18.1 - Apple Support

Trust: 4.25

Fetched: Nov. 1, 2024, 9:47 a.m., Published: Nov. 18, 2024, midnight
 Vulnerabilities: information disclosure, memory corruption, process crash...
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: ipad
vendor: apple model: ipad air
vendor: trend micro model: security
vendor: trend model: security
db: NVD ids: CVE-2024-44240, CVE-2024-44296, CVE-2024-44194, CVE-2024-44258, CVE-2024-44259, CVE-2024-44244, CVE-2024-40867, CVE-2024-44215, CVE-2024-44278, CVE-2024-44254, CVE-2024-44285, CVE-2024-44239, CVE-2024-40851, CVE-2024-44277, CVE-2024-44255, CVE-2024-44235, CVE-2024-44273, CVE-2024-44229, CVE-2024-44282, CVE-2024-44261, CVE-2024-44251, CVE-2024-44302, CVE-2024-44218, CVE-2024-44269, CVE-2024-44263, CVE-2024-44297, CVE-2024-44252, CVE-2024-44274

Critical Command Injection Vulnerability Affects D-Link Devices Up to 20240814 (CVE-2024-8210) | SecurityVulnerability.io - SecuirtyVulnerability.io

Related entries in the VARIoT vulnerabilities database: VAR-202408-2340

Trust: 6.0

Fetched: Nov. 1, 2024, 9:46 a.m., Published: -
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: d-link model: dnr-326
vendor: d-link model: dns-323
vendor: d-link model: dns-320lw
vendor: d-link model: dns-327l
vendor: d-link model: dnr-322l
vendor: d-link model: dns-325
vendor: d-link model: dns-345
vendor: d-link model: dns-320l
vendor: d-link model: dns-320
vendor: d-link model: dns-340l
db: NVD ids: CVE-2024-8210

Microsoft Security Advisory CVE-2024-43485 | .NET Denial of Service Vulnerability · Issue #329 · dotnet/announcements

Trust: 4.75

Fetched: Nov. 1, 2024, 9:45 a.m., Published: Nov. 1, 2044, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2024-43485

CVE-2024-3506 - XProtect Device Pack Buffer Overflow Vulnerability

Trust: 5.75

Fetched: Nov. 1, 2024, 9:45 a.m., Published: Oct. 8, 2024, 10:15 a.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: milestone model: xprotect
vendor: milestonesys model: xprotect
db: NVD ids: CVE-2024-3506

Remote Command Execution Vulnerability in D-Link Devices (CVE-2024-44334) | SecurityVulnerability.io - SecuirtyVulnerability.io

Trust: 4.25

Fetched: Nov. 1, 2024, 9:44 a.m., Published: Sept. 9, 2024, midnight
 Vulnerabilities: command execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-44334

Mitigating CVE-2024-41366: Remote Code Execution Vulnerability in RPi-Jukebox-RFID v2.7.0

Trust: 4.0

Fetched: Nov. 1, 2024, 9:43 a.m., Published: Feb. 7, 2000, midnight
 Vulnerabilities: code injection, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-41366

CVE-2024-48548 - vulnerability database | Vulners.com

Trust: 3.25

Fetched: Nov. 1, 2024, 9:42 a.m., Published: Oct. 24, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-48548

Cellular IoT Vulnerabilities: Another Door to Cellular Networks | Trend Micro (IE)

Related entries in the VARIoT vulnerabilities database: VAR-202310-0004, VAR-202011-1308, VAR-202408-1859

Trust: 4.5

Fetched: Nov. 1, 2024, 9:42 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: trend micro model: security
vendor: d-link model: router
vendor: tp-link model: gateway
vendor: tp-link model: routers
vendor: trend model: security
db: NVD ids: CVE-2023-43261, CVE-2020-3657, CVE-2024-20082, CVE-2023-47610

Cellular IoT Vulnerabilities: Another Door to Cellular Networks | Trend Micro (US)

Related entries in the VARIoT vulnerabilities database: VAR-202310-0004, VAR-202011-1308, VAR-202408-1859

Trust: 4.5

Fetched: Nov. 1, 2024, 9:39 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: trend micro model: security
vendor: d-link model: router
vendor: tp-link model: gateway
vendor: tp-link model: routers
vendor: trend model: security
db: NVD ids: CVE-2023-43261, CVE-2020-3657, CVE-2024-20082, CVE-2023-47610