VARIoT latest news about IoT security

The Cybersecurity Risks of IoT Devices - IntraSystems Trust: 4.75 Fetched: Jan. 7, 2025, 9:35 a.m., Published: Dec. 19, 2024, 3:21 p.m.	Vulnerabilities: default credentials

Affected products	External IDs

Critical Vulnerabilities In Philips Smart Lighting Products Trust: 3.5 Fetched: Jan. 7, 2025, 9:27 a.m., Published: Oct. 28, 2024, 6:03 a.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2020-6007

Lexmark Devices Showing Security Vulnerabilities for jQuery 3.3.1: specifically CVE-2020-7656, CVE-2020-11022, and CVE-2020-11023 \| Lexmark CX920 Related entries in the VARIoT vulnerabilities database: VAR-202004-2191, VAR-202004-2199 Trust: 3.75 Fetched: Jan. 7, 2025, 9:26 a.m., Published: May 7, 2025, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	lexmark	model:	lexmark
vendor:	jquery	model:	jquery

db:

NVD

ids:

CVE-2020-7656, CVE-2020-11022, CVE-2020-11023

1 Million Vulnerable Fortinet, SonicWall Devices Exposed Trust: 5.5 Fetched: Jan. 7, 2025, 9:26 a.m., Published: Nov. 1, 2024, 4:14 p.m.	Vulnerabilities: improper access control, integer overflow, access control vulnerability

Affected products

External IDs

vendor:	sonicwall	model:	remote access
vendor:	sonicwall	model:	ssl vpn
vendor:	sonicwall	model:	sonicos
vendor:	litespeed	model:	litespeed web server

db:

NVD

ids:

CVE-2024-9264, CVE-2024-51567, CVE-2024-51568, CVE-2024-23113, CVE-2024-40766, CVE-2024-46483, CVE-2024-47575

High-severity zero-day vulnerability in Qualcomm chips actively exploited Trust: 3.75 Fetched: Jan. 7, 2025, 9:25 a.m., Published: Oct. 8, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	samsung	model:	mobile devices
vendor:	samsung	model:	mobile phones
vendor:	samsung	model:	mobile
vendor:	samsung	model:	samsung
vendor:	google	model:	android

db:

NVD

ids:

CVE-2024-43047

Cisco Adaptive Security Appliance and Firepower Threat Defense Software TLS Denial of Service Vulnerability Trust: 4.0 Fetched: Jan. 7, 2025, 9:25 a.m., Published: Oct. 23, 2024, 3:57 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	firepower threat defense software
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	series
vendor:	cisco	model:	series industrial security appliances
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	asa software
vendor:	cisco	model:	firepower
vendor:	cisco	model:	firepower threat defense

Hacking Your Own IoT: A White Hat’s Guide to Securing Smart Devices Trust: 4.25 Fetched: Jan. 7, 2025, 9:23 a.m., Published: Jan. 7, 2025, 2 p.m.	Vulnerabilities: cross-site scripting, sql injection, default credentials

Affected products

External IDs

vendor:

wireshark

model:

wireshark

IoT Security: Protecting the Connected World - Asimily Trust: 4.5 Fetched: Jan. 7, 2025, 9:22 a.m., Published: Nov. 7, 2024, 9:21 p.m.	Vulnerabilities: denial of service

Affected products	External IDs

Critical Security Vulnerabilities Detected in Moxa Industrial Devices - VULNERA Trust: 5.75 Fetched: Jan. 7, 2025, 9:22 a.m., Published: Jan. 6, 2025, 5:15 p.m.	Vulnerabilities: command injection, os command injection, code execution

Affected products

External IDs

vendor:	moxa	model:	edr-810 series
vendor:	moxa	model:	edr-810 series firmware
vendor:	moxa	model:	edr-810

db:

NVD

ids:

CVE-2024-9138, CVE-2024-9140

Hacking Your Own IoT: A White Hat’s Guide to Securing Smart Devices Trust: 4.25 Fetched: Jan. 7, 2025, 9:21 a.m., Published: Jan. 7, 2025, 2 p.m.	Vulnerabilities: cross-site scripting, sql injection, default credentials

Affected products

External IDs

vendor:

wireshark

model:

wireshark

Siemens SIMATIC HMI Panels \| CISA Related entries in the VARIoT vulnerabilities database: VAR-202210-0467 Trust: 3.75 Fetched: Jan. 7, 2025, 9:17 a.m., Published: Jan. 7, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	siemens	model:	simatic hmi
vendor:	siemens	model:	siemens simatic hmi
vendor:	siemens	model:	simatic hmi comfort panels
vendor:	siemens	model:	simatic hmi panels
vendor:	siemens	model:	simatic
vendor:	siemens	model:	simatic hmi ktp mobile panels

db:

NVD

ids:

CVE-2022-40227

Cyber Risks Prediction and Analysis in Medical Emergency Equipment for Situational Awareness - PMC Related entries in the VARIoT vulnerabilities database: VAR-201109-0127 Trust: 5.0 Fetched: Jan. 7, 2025, 9:13 a.m., Published: Aug. 6, 2021, midnight	Vulnerabilities: denial of service, information leakage, cross-site scripting...

Affected products

External IDs

vendor:	node.js	model:	node.js
vendor:	wireshark	model:	wireshark
vendor:	mesh	model:	mesh
vendor:	essential	model:	phone
vendor:	google	model:	wifi
vendor:	google	model:	home

db:

NVD

ids:

CVE-2011-3386, CVE-2021-27408, CVE-2021-27410

CVE-2020-9210 \| Tenable® Related entries in the VARIoT vulnerabilities database: VAR-202412-2693 Trust: 4.0 Fetched: Jan. 5, 2025, 9:39 a.m., Published: Jan. 5, 2021, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	huawei	model:	huawei
vendor:	huawei	model:	myna

db:

NVD

ids:

CVE-2020-9210

Kr00K vulnerability affects devices with Broadcom and Cypress Wi-Fi chips - UMA Technology Related entries in the VARIoT vulnerabilities database: VAR-202002-0458 Trust: 3.75 Fetched: Jan. 5, 2025, 9:37 a.m., Published: Jan. 3, 2025, 11:09 a.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2019-15126

Technical Support: UXR0334A Infiniium UXR-Series Oscilloscope: 33 GHz, 4 Channels \| Keysight Trust: 4.0 Fetched: Jan. 5, 2025, 9:37 a.m., Published: Feb. 10, 2021, 8:04 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

dram

model:

dram

Update Canonical Ubuntu Server: USN-7144-1: Linux kernel (Intel IoTG) vulnerabilities Trust: 4.25 Fetched: Jan. 5, 2025, 9:35 a.m., Published: Jan. 5, 7144, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

canonical

model:

ubuntu

db:

NVD

ids:

CVE-2024-25744

How CrowdStrike Protects Customers from Log4Shell Threats Related entries in the VARIoT vulnerabilities database: VAR-202112-0562, VAR-202112-0566 Trust: 3.0 Fetched: Jan. 5, 2025, 9:35 a.m., Published: Dec. 31, 2024, 7:57 p.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-45046, CVE-2021-44228

Hackers Exploit Vulnerability In 15,000 Industrial Routers Worldwide Trust: 4.75 Fetched: Jan. 5, 2025, 9:34 a.m., Published: Jan. 5, 2018, midnight	Vulnerabilities: default credentials

Affected products

External IDs

vendor:	four-faith	model:	four-faith
vendor:	four-faith	model:	f3x24

db:

NVD

ids:

CVE-2024-12856

CVE-2024-11624 : Undeclared Permission Vulnerability in Android Devices by Google \| SecurityVulnerability.io Trust: 4.25 Fetched: Jan. 5, 2025, 9:34 a.m., Published: Jan. 3, 2025, 4:15 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

android

db:

NVD

ids:

CVE-2024-11624

CVE-2024-53835 : Biometric Bypass Vulnerability in Android Pixel Devices by Google \| SecurityVulnerability.io Trust: 4.0 Fetched: Jan. 5, 2025, 9:31 a.m., Published: Jan. 3, 2025, 4:15 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	pixel

db:

NVD

ids:

CVE-2024-53835

VARIoT news about IoT security