VARIoT latest news about IoT security

Cups Linux printing bugs open door to DDoS attacks, says Akamai \| Computer Weekly Trust: 4.5 Fetched: Oct. 9, 2024, 10:17 a.m., Published: Oct. 4, 2024, midnight	Vulnerabilities: denial of service, code execution

Affected products

External IDs

vendor:

cups

model:

cups

db:

NVD

ids:

CVE-2024-47177, CVE-2024-47076, CVE-2024-47176, CVE-2024-47175

Addressing Common SIP Device Vulnerabilities Trust: 3.75 Fetched: Oct. 9, 2024, 10:17 a.m., Published: Oct. 5, 2024, midnight	Vulnerabilities: denial of service

Affected products	External IDs

CVE-2024-43363 \| Tenable® Trust: 3.25 Fetched: Oct. 9, 2024, 10:17 a.m., Published: Oct. 5, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-43363

Cisco Nexus Dashboard Fabric Controller Configuration Backup Information Disclosure Vulnerability - Cisco Trust: 5.25 Fetched: Oct. 9, 2024, 10:15 a.m., Published: Oct. 2, 2024, 11:15 a.m.	Vulnerabilities: information disclosure

Affected products

External IDs

vendor:

cisco

model:

nexus

Critical Linux CUPS Printing System Flaws Could Allow Remote Command Execution Trust: 5.5 Fetched: Oct. 9, 2024, 10:05 a.m., Published: Sept. 27, 2024, 12:33 p.m.	Vulnerabilities: command execution, privilege escalation, code execution...

Affected products

External IDs

vendor:	palo alto networks	model:	networks
vendor:	palo	model:	networks
vendor:	cups	model:	cups

db:

NVD

ids:

CVE-2024-47177, CVE-2024-47076, CVE-2024-47176, CVE-2024-47175

What is a Router Firewall and How Does it Work? Trust: 4.75 Fetched: Oct. 9, 2024, 10:03 a.m., Published: Sept. 28, 2024, midnight	Vulnerabilities: default credentials

Affected products

External IDs

vendor:	cisco	model:	guard
vendor:	cisco	model:	router
vendor:	cisco	model:	routers
vendor:	rising	model:	antivirus

High-severity Qualcomm zero-day vulnerability under attack \| TechTarget Trust: 5.0 Fetched: Oct. 9, 2024, 10:02 a.m., Published: Oct. 8, 2024, midnight	Vulnerabilities: privilege escalation, code execution, memory corruption

Affected products

External IDs

vendor:

google

model:

android

db:

NVD

ids:

CVE-2024-43047

October 2024 Patch Tuesday: Updates and Analysis \| CrowdStrike Trust: 5.0 Fetched: Oct. 9, 2024, 10 a.m., Published: Oct. 8, 2024, 10:53 p.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2024-43573, CVE-2024-43572, CVE-2024-43488, CVE-2024-43468, CVE-2024-43582

Anatomy of a Cyber Attack: PAN-OS Firewall Zero-Day I Arctic Wolf Trust: 4.25 Fetched: Oct. 9, 2024, 9:59 a.m., Published: Oct. 7, 2024, 9:06 p.m.	Vulnerabilities: command execution, path traversal

Affected products

External IDs

vendor:	palo alto networks	model:	networks
vendor:	palo alto networks	model:	firewall
vendor:	palo alto networks	model:	pan-os
vendor:	palo	model:	networks
vendor:	palo	model:	firewall
vendor:	palo	model:	pan-os

db:

NVD

ids:

CVE-2019-1579, CVE-2024-3400

October 2024 Patch Tuesday - Spiceworks Trust: 5.0 Fetched: Oct. 9, 2024, 9:59 a.m., Published: -	Vulnerabilities: cross-site scripting, code execution, denial of service...

Affected products

External IDs

db:

NVD

ids:

CVE-2024-43573, CVE-2024-20659, CVE-2024-43583, CVE-2024-43572, CVE-2024-43488, CVE-2024-43468, CVE-2024-6197, CVE-2024-43582

CVE-2024-41798 - Exploits & Severity - Feedly Related entries in the VARIoT vulnerabilities database: VAR-202410-0128 Trust: 4.25 Fetched: Oct. 9, 2024, 9:58 a.m., Published: Oct. 8, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

siemens

model:

sentron pac3200

db:

NVD

ids:

CVE-2024-41798

Security Bulletin: IBM Security Verify Governance - Identity Manager has multiple vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-202005-0397 Trust: 5.25 Fetched: Oct. 9, 2024, 9:53 a.m., Published: Oct. 7, 2024, midnight	Vulnerabilities: entity injection, bounds access flaw, pointer dereference flaw...

Affected products

External IDs

vendor:	dnsmasq	model:	dnsmasq
vendor:	x.org	model:	libx11
vendor:	bouncy castle	model:	bouncy castle

db:

NVD

ids:

CVE-2023-6536, CVE-2022-45884, CVE-2022-42895, CVE-2024-22329, CVE-2023-1118, CVE-2024-38809, CVE-2023-1989, CVE-2023-1829, CVE-2023-2513, CVE-2023-4641, CVE-2023-35825, CVE-2023-1252, CVE-2023-29491, CVE-2023-4527, CVE-2023-33952, CVE-2023-40283, CVE-2022-44638, CVE-2023-3772, CVE-2023-4208, CVE-2023-3611, CVE-2023-3446, CVE-2023-50387, CVE-2023-46218, CVE-2023-20900, CVE-2023-6610, CVE-2024-35152, CVE-2023-0803, CVE-2023-6606, CVE-2023-1079, CVE-2023-6356, CVE-2023-4155, CVE-2023-1281, CVE-2022-48624, CVE-2023-0458, CVE-2023-4806, CVE-2024-35153, CVE-2023-28772, CVE-2023-3609, CVE-2023-6135, CVE-2023-45871, CVE-2023-4921, CVE-2021-35939, CVE-2023-4206, CVE-2023-28328, CVE-2023-1206, CVE-2023-2162, CVE-2023-28322, CVE-2023-3161, CVE-2023-0590, CVE-2022-40982, CVE-2023-0597, CVE-2023-4128, CVE-2024-22354, CVE-2023-3141, CVE-2023-5678, CVE-2023-4016, CVE-2023-28466, CVE-2023-20593, CVE-2023-6817, CVE-2024-28834, CVE-2024-30172, CVE-2023-4207, CVE-2023-2166, CVE-2023-26545, CVE-2022-3640, CVE-2023-4132, CVE-2022-41858, CVE-2023-5981, CVE-2023-2163, CVE-2021-35937, CVE-2023-42753, CVE-2023-3268, CVE-2024-0646, CVE-2023-1192, CVE-2023-4622, CVE-2023-3812, CVE-2023-35824, CVE-2023-5178, CVE-2023-5717, CVE-2022-45919, CVE-2023-1998, CVE-2024-30171, CVE-2023-50315, CVE-2023-4911, CVE-2022-42896, CVE-2023-0800, CVE-2020-12762, CVE-2022-4744, CVE-2023-20867, CVE-2023-3138, CVE-2023-1073, CVE-2023-2124, CVE-2023-5633, CVE-2023-1382, CVE-2024-25026, CVE-2023-38546, CVE-2022-3545, CVE-2023-30630, CVE-2022-45869, CVE-2017-7500, CVE-2022-40133, CVE-2024-31882, CVE-2024-29857, CVE-2021-35938, CVE-2023-48795, CVE-2023-35017, CVE-2023-28450, CVE-2023-35823, CVE-2023-1855, CVE-2023-33951, CVE-2024-0553, CVE-2023-3212, CVE-2021-43975, CVE-2022-48281, CVE-2022-3594, CVE-2023-30456, CVE-2023-38408, CVE-2023-46813, CVE-2023-2235, CVE-2024-35136, CVE-2024-35154, CVE-2022-38457, CVE-2023-31436, CVE-2023-0801, CVE-2023-1838, CVE-2023-4732, CVE-2023-6535, CVE-2023-3817, CVE-2022-45887, CVE-2023-1074, CVE-2023-23455, CVE-2023-0804, CVE-2021-41043, CVE-2023-7104, CVE-2023-0802, CVE-2023-4623, CVE-2023-2176, CVE-2023-31084, CVE-2023-51385, CVE-2024-37529, CVE-2022-28388, CVE-2023-33203, CVE-2023-50868, CVE-2023-4813, CVE-2017-7501, CVE-2023-20569, CVE-2023-1075, CVE-2023-2194, CVE-2024-2961

Security Advisory \| Rockwell Automation \| US Related entries in the VARIoT vulnerabilities database: VAR-202410-1035 Trust: 3.0 Fetched: Oct. 9, 2024, 9:51 a.m., Published: May 16, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-9124

Ivanti Patches CSA Appliance Against Vulnerabilities, Including Actively Exploited Flaws Trust: 4.0 Fetched: Oct. 9, 2024, 9:50 a.m., Published: Oct. 8, 2024, 2:53 p.m.	Vulnerabilities: code execution, sql injection, os command injection...

Affected products

External IDs

db:

NVD

ids:

CVE-2024-8963, CVE-2024-9379, CVE-2024-9381, CVE-2024-9380

Microsoft repairs 2 zero-days on October Patch Tuesday \| TechTarget Trust: 4.75 Fetched: Oct. 9, 2024, 9:49 a.m., Published: Oct. 8, 2024, midnight	Vulnerabilities: code execution, security feature bypass, feature bypass

Affected products

External IDs

db:

NVD

ids:

CVE-2024-43573, CVE-2024-20659, CVE-2024-43583, CVE-2024-43572, CVE-2024-43468, CVE-2024-6197

Akamai finds many systems with exposed CUPS vulnerability [LWN.net] Trust: 3.0 Fetched: Oct. 9, 2024, 9:49 a.m., Published: Oct. 5, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

cups

model:

cups

Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution Trust: 5.25 Fetched: Oct. 9, 2024, 9:43 a.m., Published: Oct. 7, 2024, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:

google

model:

android

Qualcomm issues response to possible spyware exploit within devices Trust: 5.0 Fetched: Oct. 9, 2024, 9:43 a.m., Published: Oct. 9, 2024, 5:32 a.m.	Vulnerabilities: input validation issue, memory corruption

Affected products

External IDs

db:

NVD

ids:

CVE-2024-43047, CVE-2024-33066

Microsoft’s October 2024 Patch Tuesday Addresses 117 CVEs (CVE-2024-43572, CVE-2024-43573) - Blog \| Tenable® Trust: 3.75 Fetched: Oct. 9, 2024, 9:42 a.m., Published: Oct. 8, 2024, 6:01 p.m.	Vulnerabilities: denial of service, code execution, security feature bypass...

Affected products

External IDs

db:

NVD

ids:

CVE-2024-38261, CVE-2024-43583, CVE-2024-38124, CVE-2024-43589, CVE-2024-43592, CVE-2024-43593, CVE-2024-43573, CVE-2024-43611, CVE-2024-43599, CVE-2024-43572, CVE-2024-30040, CVE-2024-43468, CVE-2024-38265, CVE-2024-38212, CVE-2024-43549, CVE-2024-43453, CVE-2024-43461, CVE-2024-43564, CVE-2024-20659, CVE-2024-38259, CVE-2024-43608, CVE-2024-43533, CVE-2024-43607, CVE-2024-38112

Microsoft’s October 2024 Patch Tuesday Addresses Five Zero-days and 118 Vulnerabilities - VULNERA Trust: 5.0 Fetched: Oct. 9, 2024, 9:40 a.m., Published: Oct. 8, 2024, 6:16 p.m.	Vulnerabilities: code execution, security feature bypass, feature bypass

Affected products

External IDs

db:

NVD

ids:

CVE-2024-43573, CVE-2024-20659, CVE-2024-43583, CVE-2024-43572, CVE-2024-6197

VARIoT news about IoT security