Sign-up

VARIoT news about IoT security

Nine Tips to Protect IoT Devices From Security Threats - NETGEAR Blog

Trust: 4.25

Fetched: Dec. 8, 2024, 10:03 a.m., Published: Nov. 25, 2024, 4:13 p.m.
 Vulnerabilities: default credentials
Affected productsExternal IDs
vendor: netgear model: router
vendor: essential model: phone

Vulnerabilities Identified in Wyze Cam IoT Device

Related entries in the VARIoT vulnerabilities database: VAR-202203-1880, VAR-202203-1706

Trust: 6.75

Fetched: Dec. 8, 2024, 10:02 a.m., Published: Dec. 1, 2024, midnight
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: netgear model: orbi
vendor: netgear model: router
db: NVD ids: CVE-2019-9564, CVE-2019-12266

Configure device discovery - Microsoft Defender for Endpoint | Microsoft Learn

Trust: 3.0

Fetched: Dec. 8, 2024, 10:01 a.m., Published: June 19, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs

Healthcare software and firmware risks up 59%, says H-ISAC | Healthcare IT News

Trust: 4.75

Fetched: Dec. 8, 2024, 10 a.m., Published: Aug. 8, 2023, 3 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: trend model: security

Research on smart-locks cybersecurity and vulnerabilities | Wireless Networks

Trust: 3.25

Fetched: Dec. 8, 2024, 9:53 a.m., Published: May 27, 2023, midnight
 Vulnerabilities: brute force attack, denial of service

Exploring the Vulnerability of IoT Devices and the Best Practices for Securing Them - eBuilder Security

Trust: 4.25

Fetched: Dec. 8, 2024, 9:52 a.m., Published: Feb. 15, 2023, 5:07 a.m.
 Vulnerabilities: weak password, denial of service
Affected productsExternal IDs
vendor: trend model: security
vendor: delegate model: delegate

Android Offensive Security Blog

Trust: 4.0

Fetched: Dec. 8, 2024, 9:52 a.m., Published: May 8, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2023-20938

Moxa NPort Device Vulnerabilities (Update B) | CISA

Trust: 4.75

Fetched: Dec. 8, 2024, 9:51 a.m., Published: Dec. 8, 2023, midnight
 Vulnerabilities: request forgery, buffer overflow, cross-site scripting...
Affected productsExternal IDs
vendor: moxa model: nport 5100 series
vendor: moxa model: nport 5200a
vendor: moxa model: nport 5600-dt/dtl
vendor: moxa model: nport 5400 series
vendor: moxa model: nport 5100a
vendor: moxa model: nport 5100a series
vendor: moxa model: nport 5200 series
vendor: moxa model: nport
vendor: moxa model: nport 5x50ai-m12
vendor: moxa model: nport p5150a
vendor: moxa model: nport p5150a series
vendor: moxa model: nport 5600 series
vendor: moxa model: nport 5200a series

Cisco Nexus Dashboard Fabric Controller SQL Injection Vulnerability

Trust: 4.0

Fetched: Dec. 8, 2024, 9:49 a.m., Published: Nov. 6, 2024, 3:52 p.m.
 Vulnerabilities: sql injection
Affected productsExternal IDs
vendor: cisco model: nexus

Weekly Cybersecurity Newsletter: Data Breaches, Vulnerabilities, Cyber Attacks, & Other Updates

Trust: 3.25

Fetched: Dec. 8, 2024, 9:49 a.m., Published: Nov. 10, 2024, 1:44 p.m.
 Vulnerabilities: cross-site scripting, code execution
Affected productsExternal IDs
vendor: google model: android
vendor: google model: chrome
vendor: pfsense model: pfsense

CVE-2024-51522 - Cisco Network Device Management Module Disk Corruption Vulnerability

Trust: 3.75

Fetched: Dec. 8, 2024, 9:48 a.m., Published: Nov. 5, 2024, 10:21 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: huawei technologies model: huawei
vendor: huawei model: huawei
db: NVD ids: CVE-2024-51522

Cisco Secure Firewall Management Center Software Cross-Site Scripting Vulnerabilities - Cisco

Trust: 5.25

Fetched: Dec. 8, 2024, 9:36 a.m., Published: Oct. 23, 2024, 11:03 p.m.
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs
vendor: cisco model: asa software

CVE-2024-20455 | Tenable®

Trust: 6.0

Fetched: Dec. 8, 2024, 9:35 a.m., Published: Sept. 25, 2024, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: sd-wan
vendor: cisco model: ios xe software
vendor: cisco model: cisco ios xe
vendor: cisco model: cisco ios
vendor: cisco model: ios xe
db: NVD ids: CVE-2024-20455

A vulnerability in the REST API and web UI of Cisco Nexus... · CVE-2024-20432 · GitHub Advisory Database · GitHub

Trust: 6.0

Fetched: Dec. 8, 2024, 9:34 a.m., Published: Oct. 2, 2024, midnight
 Vulnerabilities: command injection, injection attack
Affected productsExternal IDs
vendor: cisco model: nexus
db: NVD ids: CVE-2024-20432

CVE-2024-10914: Critical Flaw in D-Link NAS Devices Actively Exploited, No Patch!

Related entries in the VARIoT vulnerabilities database: VAR-202411-0293

Trust: 6.0

Fetched: Dec. 8, 2024, 9:34 a.m., Published: Nov. 13, 2024, 10:35 a.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: d-link model: dns-320lw
vendor: d-link model: dns-325
vendor: d-link model: dns-320
vendor: d-link model: dns-340l
db: NVD ids: CVE-2024-10914

CVE-2024-9579 - Poly Video Conferencing Device Firmware Input sanitation Vulnerability

Trust: 3.0

Fetched: Dec. 8, 2024, 9:21 a.m., Published: Nov. 5, 2024, 5:15 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-9579

Some Samsung Exynos phone chips have a worrying security flaw | TechRadar

Trust: 3.75

Fetched: Dec. 8, 2024, 9:21 a.m., Published: Oct. 24, 2024, 4:04 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: galaxy
vendor: samsung model: note 10
vendor: samsung model: mobile
vendor: samsung model: samsung galaxy
vendor: samsung model: note
vendor: samsung model: exynos
vendor: samsung model: samsung
db: NVD ids: CVE-2024-44068

What is Vulnerability Testing in Cyber security & How Does It Work?

Trust: 3.75

Fetched: Dec. 8, 2024, 9:20 a.m., Published: June 12, 2024, 1:01 p.m.
 Vulnerabilities: sql injection
Affected productsExternal IDs

December 2024 Android Security Update Fixes 14 Critical Vulnerabilities - Tech on the Go

Trust: 4.5

Fetched: Dec. 6, 2024, 10:05 a.m., Published: Dec. 5, 2024, 4:04 p.m.
 Vulnerabilities: code execution, information disclosure
Affected productsExternal IDs
vendor: google model: android

CVE-2024-20397 : CISCO NX-OS BOOTLOADER ACCESS CONTROL - Prophaze Web Application Security

Trust: 4.0

Fetched: Dec. 6, 2024, 10 a.m., Published: Dec. 5, 2024, 9:17 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: nx-os
vendor: cisco model: nx-os software
vendor: cisco model: cisco nx-os
db: NVD ids: CVE-2024-20397