Sign-up

VARIoT news about IoT security

CVE-2024-56434 : Use-After-Free Vulnerability in Huawei Device Node Access Module | SecurityVulnerability.io

Trust: 4.25

Fetched: Jan. 8, 2025, 9:11 a.m., Published: Jan. 8, 2025, 1:32 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: huawei model: huawei
db: NVD ids: CVE-2024-56434

CVE-2024-56442 : NFC Service Module Vulnerability in Huawei Devices | SecurityVulnerability.io

Trust: 4.25

Fetched: Jan. 8, 2025, 9:10 a.m., Published: Jan. 8, 2025, 2:20 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: huawei model: huawei
db: NVD ids: CVE-2024-56442

Thousands of SonicWall Devices Still Vulnerable to CVE-2024-40766

Trust: 3.75

Fetched: Jan. 8, 2025, 9:10 a.m., Published: Jan. 7, 2025, 4:35 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
db: NVD ids: CVE-2024-40766

Industrial networks exposed to attack by faulty Moxa devices | TechRadar

Trust: 3.75

Fetched: Jan. 8, 2025, 9:09 a.m., Published: Jan. 7, 2025, 10:53 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: moxa model: edr-810 series
vendor: moxa model: edr-810
db: NVD ids: CVE-2024-9140, CVE-2024-9138

48,000+ Vulnerable SonicWall Devices Under Attack From Akira And Fog Ransomware | Cyber Security News

Trust: 4.75

Fetched: Jan. 8, 2025, 9:08 a.m., Published: Jan. 7, 2025, 1:59 p.m.
 Vulnerabilities: access control flaw, improper access control
Affected productsExternal IDs
vendor: sonicwall model: sonicos
db: NVD ids: CVE-2024-40766

Critical CVE-2024-12757 Vulnerability in Nedap Ecoreader: Immediate Action Required | Windows Forum

Trust: 4.75

Fetched: Jan. 8, 2025, 9:08 a.m., Published: May 8, 2025, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-12757

Critical Vulnerabilities in ABB Control Systems: Urgent Updates Required | Windows Forum

Trust: 3.75

Fetched: Jan. 8, 2025, 9:07 a.m., Published: May 8, 2025, midnight
 Vulnerabilities: improper validation, code injection, request forgery...
Affected productsExternal IDs
db: NVD ids: CVE-2024-48840, CVE-2024-6298, CVE-2024-6209, CVE-2024-48839

Thousands Of SonicWall Devices Remain Vulnerable To CVE-2024-40766

Trust: 3.75

Fetched: Jan. 8, 2025, 9:07 a.m., Published: Jan. 8, 2025, 7:37 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
db: NVD ids: CVE-2024-40766

CVE-2020-1821 | TenableĀ®

Related entries in the VARIoT vulnerabilities database: VAR-202006-1878, VAR-202006-1874, VAR-202006-1879, VAR-202006-1876, VAR-202006-1877, VAR-202006-1873, VAR-202006-1881

Trust: 4.25

Fetched: Jan. 7, 2025, 9:50 a.m., Published: May 7, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: huawei model: huawei
db: NVD ids: CVE-2020-1819, CVE-2020-1820, CVE-2020-1824, CVE-2020-1823, CVE-2020-1818, CVE-2020-1822, CVE-2020-1821

The Best Car Anti-Theft Devices of 2025 | GearJunkie Tested

Trust: 3.75

Fetched: Jan. 7, 2025, 9:47 a.m., Published: Dec. 10, 2024, 4:55 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: mesh model: mesh

Vulnerable Moxa devices expose industrial networks to attacks

Trust: 5.5

Fetched: Jan. 7, 2025, 9:45 a.m., Published: Jan. 6, 2025, 6 p.m.
 Vulnerabilities: os command injection, command injection, validation bypass...
Affected productsExternal IDs
vendor: moxa model: edr-g903
vendor: moxa model: edr-g903 series
vendor: moxa model: edr-810 series
vendor: moxa model: edr-810
db: NVD ids: CVE-2024-9138, CVE-2024-9140

Update Canonical Ubuntu Desktop: USN-7149-1: Intel Microcode vulnerabilities

Trust: 6.0

Fetched: Jan. 7, 2025, 9:44 a.m., Published: Jan. 7, 7149, midnight
 Vulnerabilities: system crash, denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2024-23918, CVE-2024-21853, CVE-2024-21820, CVE-2024-23984, CVE-2024-24968

Understanding CVE-2024-54106: Mitigating the Null Pointer Dereference Vulnerability in Huawei HarmonyOS

Trust: 6.0

Fetched: Jan. 7, 2025, 9:43 a.m., Published: Dec. 12, 2024, midnight
 Vulnerabilities: application crash, pointer dereference vulnerability
Affected productsExternal IDs
vendor: huawei model: huawei
db: NVD ids: CVE-2024-54106

Critical OpenWrt Vulnerability Exposes Devices to Malicious Firmware Injection - Tech Investor News

Trust: 4.0

Fetched: Jan. 7, 2025, 9:42 a.m., Published: Dec. 13, 2024, 4:48 p.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-54143

2024 Threat Landscape Statistics | Rapid7 Blog

Trust: 3.5

Fetched: Jan. 7, 2025, 9:41 a.m., Published: Dec. 16, 2024, 2:09 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: palo alto networks model: networks
vendor: trend model: security
vendor: palo model: networks
db: NVD ids: CVE-2018-15961, CVE-2020-14882, CVE-2024-9474, CVE-2024-47575, CVE-2024-0012

Android Security Updates: Patch for Critical RCE Vulnerabilities

Trust: 5.0

Fetched: Jan. 7, 2025, 9:41 a.m., Published: Jan. 7, 2025, 7:06 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2024-43096, CVE-2024-43770, CVE-2024-43771, CVE-2024-49747, CVE-2024-49748

Update Canonical Ubuntu Desktop: USN-7150-1: Tornado vulnerabilities

Trust: 6.25

Fetched: Jan. 7, 2025, 9:40 a.m., Published: Jan. 7, 7150, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2024-52804, CVE-2023-28370

Update Canonical Ubuntu Desktop: USN-7156-1: Linux kernel (GKE) vulnerabilities

Trust: 3.25

Fetched: Jan. 7, 2025, 9:38 a.m., Published: Jan. 7, 7156, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu

The 14 Best Vulnerability Scanning Tools in 2025 | FireMon

Trust: 4.25

Fetched: Jan. 7, 2025, 9:37 a.m., Published: Dec. 17, 2024, 11:20 a.m.
 Vulnerabilities: cross-site scripting, sql injection
Affected productsExternal IDs
vendor: palo alto networks model: networks
vendor: palo model: networks

Moxa Devices Vulnerable To Cyberattacks, Threatening Industrial Networks

Trust: 5.5

Fetched: Jan. 7, 2025, 9:36 a.m., Published: Jan. 7, 2025, 4:34 a.m.
 Vulnerabilities: os command injection, command injection, privilege escalation...
Affected productsExternal IDs
vendor: moxa model: edr-g903
vendor: moxa model: edr-g903 series
vendor: moxa model: edr-810 series
vendor: moxa model: edr-810
db: NVD ids: CVE-2024-9138, CVE-2024-9140