Sign-up

VARIoT news about IoT security

Microsoft Uncovers Critical Flaws in Rockwell Automation PanelView Plus

Related entries in the VARIoT vulnerabilities database: VAR-202309-2171, VAR-202310-1699

Trust: 5.5

Fetched: Oct. 2, 2024, 11:07 a.m., Published: July 4, 2024, 9:10 a.m.
 Vulnerabilities: input validation vulnerability, information disclosure, code execution
Affected productsExternal IDs
vendor: rockwell automation model: factorytalk linx
vendor: rockwell automation model: automation panelview plus
vendor: rockwell automation model: factorytalk view
vendor: rockwell automation model: automation panelview
vendor: rockwell automation model: factorytalk
vendor: rockwell model: factorytalk linx
vendor: rockwell model: automation panelview plus
vendor: rockwell model: factorytalk view
vendor: rockwell model: automation panelview
vendor: rockwell model: factorytalk
db: NVD ids: CVE-2023-2071, CVE-2024-23692, CVE-2023-29464

Remote Code Execution (RCE) Explained in Detail | Splunk

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202104-0752

Trust: 4.75

Fetched: Oct. 2, 2024, 11:05 a.m., Published: Oct. 24, 2024, midnight
 Vulnerabilities: buffer overflow, code execution, code injection...
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228, CVE-2019-8942, CVE-2021-1844, CVE-2020-17051

The latest on vulnerability research - The GitHub Blog

Trust: 4.0

Fetched: Oct. 2, 2024, 11:04 a.m., Published: Sept. 26, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2023-6241

Secure Boot rendered useless, over 200 PC models from different makers are affected | TechSpot

Trust: 3.0

Fetched: Oct. 2, 2024, 11:02 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

Firmware Vulnerability in Poly Clariti Manager Devices (CVE-2024-41913) | SecurityVulnerability.io - SecuirtyVulnerability.io

Trust: 3.25

Fetched: Oct. 2, 2024, 11:02 a.m., Published: Aug. 6, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-41913

Best antivirus software 2024 for PC and Mac | TechRadar

Trust: 3.25

Fetched: Oct. 2, 2024, 11 a.m., Published: March 8, 2022, 2:58 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: avira model: antivirus
vendor: trend model: micro internet security
vendor: trend model: micro maximum security
vendor: trend model: trend micro antivirus
vendor: trend model: antivirus
vendor: trend model: security
vendor: trend model: password manager
vendor: trend model: internet security
vendor: apple model: iphone
vendor: apple model: ipad
vendor: apple model: watch
vendor: apple model: macos
vendor: trend micro model: micro internet security
vendor: trend micro model: micro maximum security
vendor: trend micro model: trend micro antivirus
vendor: trend micro model: antivirus
vendor: trend micro model: security
vendor: trend micro model: password manager
vendor: trend micro model: internet security
vendor: avast model: anti-virus
vendor: avast model: antivirus
vendor: google model: home
vendor: google model: google home
vendor: google model: android

Mobile Security Threats in 2025: How to Protect Your Devices

Trust: 4.0

Fetched: Oct. 2, 2024, 10:56 a.m., Published: Oct. 2, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: essential model: phone

CVE-2024-45032: Industrial Edge Device Token Impersonation Vulnerability - DEC Solutions Group

Trust: 3.25

Fetched: Oct. 2, 2024, 10:55 a.m., Published: Sept. 10, 2024, 10:31 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-45032

Microsoft patches CVE-2024-38063 IPv6 RCE vulnerability • The Register

Trust: 5.75

Fetched: Oct. 2, 2024, 10:55 a.m., Published: -
 Vulnerabilities: cross-site scripting, information disclosure, feature bypass...
Affected productsExternal IDs
vendor: ahnlab model: engine
db: NVD ids: CVE-2024-38106, CVE-2024-38140, CVE-2024-38202, CVE-2024-38107, CVE-2024-38166, CVE-2024-21302, CVE-2024-38189, CVE-2024-38213, CVE-2024-38199, CVE-2024-38178, CVE-2024-38200, CVE-2024-38160, CVE-2024-38063, CVE-2024-38109, CVE-2024-38159, CVE-2024-41730, CVE-2024-38206, CVE-2024-38193

Network Vulnerabilities 101: Types and Prevention Methods | Okta

Trust: 3.0

Fetched: Oct. 2, 2024, 10:54 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs

Samsung says August 2024 security patch is critical for its devices - SamMobile

Trust: 3.0

Fetched: Oct. 2, 2024, 10:52 a.m., Published: July 19, 2024, 5:21 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: samsung

CVE-2024-47527 - Exploits & Severity - Feedly

Trust: 4.0

Fetched: Oct. 2, 2024, 10:49 a.m., Published: Oct. 1, 2024, midnight
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs
db: NVD ids: CVE-2024-47527

PKFail puts hundreds of computers and laptops at risk and renders Secure Boot useless on them

Related entries in the VARIoT vulnerabilities database: VAR-201609-0149

Trust: 3.75

Fetched: Oct. 2, 2024, 10:48 a.m., Published: July 26, 2024, 2:46 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios
db: NVD ids: CVE-2016-5247

Bluetooth Flaw: Multi-OS Takeover Risk! 🚨📱 - Impulsec

Trust: 4.5

Fetched: Oct. 2, 2024, 10:46 a.m., Published: Jan. 17, 2024, 10:54 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: macbook air
vendor: apple model: macos
vendor: apple model: iphone
vendor: apple model: macbook pro
vendor: apple model: macbook
vendor: google model: pixel
vendor: google model: android
db: NVD ids: CVE-2024-21306, CVE-2023-45866

Secure Boot is completely broken on 200+ models from 5 big device makers | Ars Technica

Trust: 3.0

Fetched: Oct. 2, 2024, 10:45 a.m., Published: July 25, 2024, 6 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

Android Developers Blog: Making security easy: How we are helping you fix vulnerabilities in your Android apps

Trust: 3.75

Fetched: Oct. 2, 2024, 10:44 a.m., Published: -
 Vulnerabilities: directory traversal
Affected productsExternal IDs
vendor: google model: android

CVE-2024-6242 - Rockwell Automation Chassis Restrictions Bypass Vulnerability in Select Logix Devices - SecAlerts

Trust: 3.0

Fetched: Oct. 2, 2024, 10:44 a.m., Published: Oct. 7, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-6242

Critical Security Bypass Vulnerability Found in Rockwell Automation ControlLogix 1756 Devices - VULNERA

Trust: 4.75

Fetched: Oct. 2, 2024, 10:43 a.m., Published: Aug. 5, 2024, 6:07 a.m.
 Vulnerabilities: security bypass
Affected productsExternal IDs
vendor: rockwell automation model: automation controllogix
vendor: rockwell automation model: controllogix controller
vendor: rockwell automation model: controllogix
vendor: rockwell model: automation controllogix
vendor: rockwell model: controllogix controller
vendor: rockwell model: controllogix
db: NVD ids: CVE-2024-6242

Cisco Smart Software Manager Flaw let Attackers Change Any User Passwords

Trust: 3.0

Fetched: Oct. 2, 2024, 10:42 a.m., Published: July 18, 2024, 3:45 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-20419

RomPager - Evaluation of Security Vulnerability - VU#561444 Expanded info on CVE-2014-9222, CVE-2014 | Digi International

Related entries in the VARIoT vulnerabilities database: VAR-201412-0434

Trust: 4.5

Fetched: Oct. 2, 2024, 10:40 a.m., Published: Oct. 2, 2014, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: digi model: anywhereusb
vendor: digi international model: anywhereusb
db: NVD ids: CVE-2014-9223, CVE-2014-9222