VARIoT latest news about IoT security

The Looming Threat of Unsecured IoT Devices: A Deep Dive Trust: 3.75 Fetched: Oct. 2, 2024, 10:02 a.m., Published: -	Vulnerabilities: code injection, denial of service

Affected products	External IDs

Mobile Threat Defense with Microsoft Intune - Microsoft Intune \| Microsoft Learn Trust: 3.5 Fetched: Oct. 2, 2024, 10:02 a.m., Published: Aug. 21, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	sophos	model:	endpoint protection
vendor:	sophos	model:	mobile
vendor:	trend	model:	security
vendor:	blackberry	model:	blackberry
vendor:	symantec	model:	symantec endpoint protection
vendor:	symantec	model:	endpoint protection
vendor:	trend micro	model:	security
vendor:	check point	model:	check point

Cybersecurity Vulnerabilities [Complete Guide] - Sprinto Trust: 3.5 Fetched: Oct. 2, 2024, 10:01 a.m., Published: Sept. 9, 2024, 11:32 a.m.	Vulnerabilities: weak password, sql injection

Affected products	External IDs

A Vulnerability in Cisco Secure Email Gateway Could Allow for Remote Code Execution Trust: 4.25 Fetched: Oct. 2, 2024, 9:58 a.m., Published: July 22, 2024, midnight	Vulnerabilities: code execution

Affected products	External IDs

Cisco SD-WAN vEdge Software UDP Packet Validation Denial of Service Vulnerability - Cisco Trust: 5.0 Fetched: Oct. 2, 2024, 9:58 a.m., Published: Sept. 25, 2024, 11:50 a.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	vedge
vendor:	cisco	model:	sd-wan vedge
vendor:	cisco	model:	cisco sd-wan vedge
vendor:	cisco	model:	cisco sd-wan
vendor:	cisco	model:	sd-wan

Vulnerability in Cisco Smart Software Manager lets attackers change any user password \| Ars Technica Trust: 4.0 Fetched: Oct. 2, 2024, 9:55 a.m., Published: July 17, 2024, 7:47 p.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-20419

Android Security Bulletin-August 2024 \| Android Open Source Project Related entries in the VARIoT vulnerabilities database: VAR-202408-2138, VAR-202408-1859 Trust: 4.25 Fetched: Oct. 2, 2024, 9:54 a.m., Published: Aug. 2, 2024, midnight	Vulnerabilities: code execution, information disclosure, denial of service

Affected products

External IDs

vendor:	samsung	model:	mobile
vendor:	samsung	model:	samsung
vendor:	samsung	model:	notes
vendor:	samsung	model:	note
vendor:	motorola	model:	android
vendor:	motorola	model:	motorola
vendor:	google	model:	pixel
vendor:	google	model:	android
vendor:	huawei	model:	huawei

db:

NVD

ids:

CVE-2024-34738, CVE-2024-34736, CVE-2023-20971, CVE-2024-34737, CVE-2023-21351, CVE-2024-34735, CVE-2024-34734, CVE-2024-23356, CVE-2024-31333, CVE-2024-23355, CVE-2024-34731, CVE-2024-21481, CVE-2024-34740, CVE-2024-34727, CVE-2024-34739, CVE-2024-23357, CVE-2024-23350, CVE-2024-34742, CVE-2024-34741, CVE-2024-23353, CVE-2024-2937, CVE-2024-23352, CVE-2024-36971, CVE-2024-4607, CVE-2024-20082, CVE-2024-34743

15 Best Vulnerability Assessment Scanning Tools (Free and Paid) for 2024 Trust: 4.25 Fetched: Oct. 2, 2024, 9:52 a.m., Published: June 30, 2021, 3:31 p.m.	Vulnerabilities: cross-site scripting, sql injection

Affected products

External IDs

vendor:	wireshark	model:	wireshark
vendor:	netbsd	model:	current
vendor:	tripwire	model:	ip360
vendor:	aircrack-ng	model:	aircrack-ng

PKfail Vulnerability Allows Hackers to Install UEFI Malware Trust: 3.5 Fetched: Oct. 2, 2024, 9:50 a.m., Published: July 26, 2024, 8:42 a.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	dell	model:	bios
vendor:	lenovo	model:	bios
vendor:	lenovo	model:	updates
vendor:	lenovo	model:	system

Security Advisory \| Rockwell Automation \| US Trust: 3.75 Fetched: Oct. 2, 2024, 9:50 a.m., Published: May 16, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	rockwell automation	model:	guardlogix
vendor:	rockwell automation	model:	controllogix
vendor:	rockwell	model:	guardlogix
vendor:	rockwell	model:	controllogix

db:

NVD

ids:

CVE-2024-6242

Apple fixes Siri vulnerabilities that could have allowed sensitive data theft from locked device. Update now! \| Malwarebytes Trust: 3.75 Fetched: Oct. 2, 2024, 9:49 a.m., Published: July 31, 2024, 1:04 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	apple	model:	apple tv
vendor:	apple	model:	watch
vendor:	apple	model:	ipad air
vendor:	apple	model:	macos
vendor:	apple	model:	iphone
vendor:	apple	model:	software update
vendor:	apple	model:	ipod touch
vendor:	apple	model:	safari
vendor:	apple	model:	ipad

The Vulnerability Relationship Prediction Research for Network Risk Assessment Related entries in the VARIoT vulnerabilities database: VAR-202202-0325, VAR-201605-0077, VAR-202202-0322 Trust: 4.5 Fetched: Oct. 2, 2024, 9:47 a.m., Published: Jan. 2, 2024, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	cisco	model:	accesspath
vendor:	cisco	model:	series
vendor:	cisco	model:	rv340

db:

NVD

ids:

CVE-2019-2887, CVE-2020-1745, CVE-2022-20705, CVE-2016-2107, CVE-2022-20707, CVE-2019-2729

What Is an Authentication Bypass Vulnerability? \| StrongDM Trust: 3.5 Fetched: Oct. 2, 2024, 9:45 a.m., Published: Oct. 4, 2024, midnight	Vulnerabilities: authentication bypass, brute force attack, code execution

Affected products

External IDs

vendor:

delegate

model:

delegate

Secure by Design Alert: Eliminating OS Command Injection Vulnerabilities \| CISA Trust: 3.75 Fetched: Oct. 2, 2024, 9:44 a.m., Published: Oct. 2, 2023, midnight	Vulnerabilities: os command injection, command injection

Affected products

External IDs

db:

NVD

ids:

CVE-2024-20399, CVE-2024-3400, CVE-2024-21887

CERT-EU - Critical Vulnerabilities in Cisco Products Trust: 5.0 Fetched: Oct. 2, 2024, 9:44 a.m., Published: -	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	asyncos
vendor:	cisco	model:	advanced malware protection
vendor:	cisco	model:	cisco asyncos

db:

NVD

ids:

CVE-2024-20419, CVE-2024-20401

Unquoted Executable Path Vulnerability Affects Hitachi Device Manager on Windows (CVE-2024-5963) \| SecurityVulnerability.io - SecuirtyVulnerability.io Trust: 4.0 Fetched: Oct. 2, 2024, 9:44 a.m., Published: Aug. 6, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	hitachi	model:	hitachi device manager
vendor:	hitachi	model:	device manager

db:

NVD

ids:

CVE-2024-5963

Android vulnerability used in targeted attacks patched by Google \| Malwarebytes Trust: 5.5 Fetched: Oct. 2, 2024, 9:43 a.m., Published: Aug. 6, 2024, 1:47 p.m.	Vulnerabilities: use after free, code execution

Affected products

External IDs

vendor:	samsung	model:	mobile devices
vendor:	samsung	model:	android phone
vendor:	samsung	model:	mobile
vendor:	samsung	model:	samsung
vendor:	google	model:	android

db:

NVD

ids:

CVE-2024-36971

Security Profile: Vulnerability Protection Trust: 3.25 Fetched: Oct. 2, 2024, 9:41 a.m., Published: Sept. 10, 2024, midnight	Vulnerabilities: sql injection, command injection

Affected products

External IDs

vendor:	palo	model:	firewall
vendor:	palo	model:	networks
vendor:	palo alto networks	model:	firewall
vendor:	palo alto networks	model:	networks

DIVD-2024-00011 - Six vulnerabilities in Enphase IQ Gateway devices \| DIVD CSIRT Trust: 4.75 Fetched: Oct. 2, 2024, 9:40 a.m., Published: Oct. 2, 2024, midnight	Vulnerabilities: command execution

Affected products

External IDs

vendor:

enphase

model:

envoy

db:

NVD

ids:

CVE-2024-21878, CVE-2020-25754

Vulnerability in Security: A Complete Overview \| Simplilearn Trust: 3.75 Fetched: Oct. 2, 2024, 9:40 a.m., Published: Feb. 9, 2022, 5:54 a.m.	Vulnerabilities: denial of service

Affected products	External IDs

VARIoT news about IoT security