Sign-up

VARIoT news about IoT security

Microsoft Targets 118 Vulnerabilities in October Patch Rollout -- Redmondmag.com

Trust: 5.0

Fetched: Oct. 9, 2024, 9:40 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-43573, CVE-2024-20659, CVE-2024-43583, CVE-2024-43572, CVE-2024-43488, CVE-2024-43468, CVE-2024-6197, CVE-2024-43582

CVE-2024-30078 Remote Code Execution Vulnerability Analysis and Exploitation - CYFIRMA

Trust: 5.75

Fetched: Oct. 9, 2024, 9:39 a.m., Published: Aug. 22, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-30078

Qualcomm urges OEMs to patch after 'targeted' exploitation • The Register

Trust: 4.75

Fetched: Oct. 9, 2024, 9:38 a.m., Published: -
 Vulnerabilities: input validation issue, memory corruption
Affected productsExternal IDs
db: NVD ids: CVE-2024-43047, CVE-2024-33066, CVE-2024-33065, CVE-2024-23369

The URL you requested has been blocked

Trust: 3.5

Fetched: Oct. 9, 2024, 9:37 a.m., Published: Oct. 4, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-8190

Security bulletins and fixes

Trust: 5.25

Fetched: Oct. 9, 2024, 9:36 a.m., Published: July 28, 2024, midnight
 Vulnerabilities: code execution, privilege escalation, memory leak...
Affected productsExternal IDs
vendor: cups model: cups
vendor: mesh model: mesh
db: NVD ids: CVE-2021-47311, CVE-2023-52813, CVE-2023-52781, CVE-2024-35845, CVE-2023-52464, CVE-2023-5090, CVE-2020-26555, CVE-2021-47069, CVE-2024-35235, CVE-2024-35854, CVE-2024-36007, CVE-2024-24762, CVE-2021-47073, CVE-2024-39936, CVE-2024-6409, CVE-2024-26859, CVE-2024-26801, CVE-2023-52835, CVE-2024-26907, CVE-2024-35838, CVE-2024-32021, CVE-2024-35959, CVE-2021-47356, CVE-2021-47236, CVE-2021-46972, CVE-2024-26656, CVE-2024-35960, CVE-2024-36114, CVE-2024-26584, CVE-2023-52700, CVE-2024-35888, CVE-2024-35958, CVE-2024-32004, CVE-2024-26906, CVE-2023-52881, CVE-2021-47456, CVE-2024-26982, CVE-2024-35890, CVE-2024-26804, CVE-2024-26735, CVE-2024-26826, CVE-2024-35835, CVE-2023-52669, CVE-2023-52878, CVE-2024-32020, CVE-2024-26583, CVE-2023-52615, CVE-2023-52626, CVE-2024-32002, CVE-2024-35789, CVE-2023-52703, CVE-2023-25613, CVE-2024-26759, CVE-2024-32465, CVE-2023-52560, CVE-2024-35855, CVE-2023-52667, CVE-2024-26974, CVE-2021-46909, CVE-2024-6387, CVE-2021-47310, CVE-2023-52675, CVE-2024-35853, CVE-2023-52877, CVE-2024-27410, CVE-2024-26585, CVE-2023-52686, CVE-2021-47495, CVE-2024-35852, CVE-2024-27397, CVE-2021-47353, CVE-2024-36004, CVE-2024-26675, CVE-2024-26130

CVE-2024-34618: Samsung Mobile Device Vulnerability and Mitigation

Trust: 4.75

Fetched: Oct. 9, 2024, 9:35 a.m., Published: Aug. 9, 2024, midnight
 Vulnerabilities: improper access control
Affected productsExternal IDs
vendor: samsung model: mobile
vendor: samsung model: samsung mobile
vendor: samsung model: mobile devices
vendor: samsung model: samsung
db: NVD ids: CVE-2024-34618

Qualcomm Vulnerability (CVE-2024-43047) Explained

Trust: 5.75

Fetched: Oct. 9, 2024, 9:34 a.m., Published: Oct. 8, 2024, 6:29 a.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: trend model: security
db: NVD ids: CVE-2024-43047

Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability

Trust: 5.0

Fetched: Oct. 9, 2024, 9:28 a.m., Published: Sept. 14, 2024, 4:12 a.m.
 Vulnerabilities: os command injection, code execution, command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-8190, CVE-2024-29847

Navigating the Threat Landscape of IoT: An Analysis of Attacks | SpringerLink

Trust: 4.0

Fetched: Oct. 9, 2024, 9:26 a.m., Published: Oct. 9, 2024, midnight
 Vulnerabilities: cross-site scripting, data injection, sql injection...

Cisco Nexus Dashboard Fabric Controller Arbitrary Command Execution Vulnerability - Cisco

Trust: 3.75

Fetched: Oct. 9, 2024, 9:26 a.m., Published: Oct. 2, 2024, 11:15 a.m.
 Vulnerabilities: command execution, arbitrary command execution
Affected productsExternal IDs
vendor: cisco model: nexus

Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability

Trust: 4.0

Fetched: Oct. 9, 2024, 9:24 a.m., Published: Oct. 5, 2024, 4:50 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: ipad
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: macos
vendor: apple model: ipad air
db: NVD ids: CVE-2024-44204, CVE-2024-44207

The Rise Of IoT Vulnerabilities: Keeping Your Smart Home Secure - ITU Online

Trust: 3.25

Fetched: Oct. 9, 2024, 9:23 a.m., Published: Oct. 1, 2024, 6:42 p.m.
 Vulnerabilities: -
Affected productsExternal IDs

IoT Vulnerabilities for Cybersecurity

Trust: 3.25

Fetched: Oct. 9, 2024, 9:22 a.m., Published: Oct. 2, 2024, midnight
 Vulnerabilities: denial of service, default password
Affected productsExternal IDs
vendor: google model: wifi
vendor: google model: home

New Scanner Released to Detect CUPS RCE Vulnerability CVE-2024-47176 | Black Hat Ethical Hacking

Trust: 5.0

Fetched: Oct. 9, 2024, 9:22 a.m., Published: Oct. 9, 2024, 8:18 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cups model: cups
db: NVD ids: CVE-2024-47176

Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited

Trust: 4.75

Fetched: Oct. 9, 2024, 9:20 a.m., Published: Oct. 8, 2024, 4:38 p.m.
 Vulnerabilities: code execution, sql injection, os command injection...
Affected productsExternal IDs
db: NVD ids: CVE-2024-9379, CVE-2024-8963, CVE-2024-8190, CVE-2024-9380, CVE-2024-9381, CVE-2024-29824

Following the Trail of Flax Typhoon to Uncover Newly Discovered Vulnerabilities in Linear Emerge Access Control Devices

Related entries in the VARIoT vulnerabilities database: VAR-201907-0157

Trust: 3.75

Fetched: Oct. 9, 2024, 9:19 a.m., Published: Oct. 8, 2024, midnight
 Vulnerabilities: os command injection, code execution, command injection
Affected productsExternal IDs
db: NVD ids: CVE-2019-7256, CVE-2024-9441

Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations | CISA

Related entries in the VARIoT vulnerabilities database: VAR-202205-0394

Trust: 4.5

Fetched: Oct. 9, 2024, 9:17 a.m., Published: Oct. 9, 2023, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: citrix model: netscaler
vendor: check point model: check point
vendor: palo alto networks model: networks
vendor: palo alto networks model: firewall
vendor: palo alto networks model: pan-os
vendor: palo model: networks
vendor: palo model: firewall
vendor: palo model: pan-os
vendor: sophos model: firewall
db: NVD ids: CVE-2024-24919, CVE-2024-3400, CVE-2022-1388, CVE-2023-3519, CVE-2024-21887, CVE-2019-19781

High-severity Qualcomm zero-day vulnerability under attack | TechTarget

Trust: 5.0

Fetched: Oct. 9, 2024, 9:16 a.m., Published: Oct. 8, 2024, midnight
 Vulnerabilities: privilege escalation, code execution, memory corruption
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2024-43047

14 DrayTek vulnerabilities patched, including max-severity RCE flaw | SC Media

Related entries in the VARIoT vulnerabilities database: VAR-202407-1768

Trust: 5.25

Fetched: Oct. 8, 2024, 9:26 a.m., Published: Feb. 13, 2024, 7 p.m.
 Vulnerabilities: cross-site scripting, code execution, buffer overflow...
Affected productsExternal IDs
vendor: draytek model: draytek routers
vendor: draytek model: routers
vendor: draytek model: vigor
db: NVD ids: CVE-2024-41502, CVE-2024-41589, CVE-2024-41492, CVE-2024-41585

【Vulnerability Alert】 Multiple High-Risk Vulnerabilities Found in Planet Technology Switch Devices

Trust: 4.75

Fetched: Oct. 8, 2024, 9:26 a.m., Published: Oct. 8, 2024, midnight
 Vulnerabilities: privilege escalation, cross-site request forgery, request forgery
Affected productsExternal IDs
db: NVD ids: CVE-2024-8458, CVE-2024-8456, CVE-2024-8448