Sign-up

VARIoT news about IoT security

Microchip ASF Vulnerability Exposes IoT Devices to RCE

Trust: 5.0

Fetched: Sept. 29, 2024, 10:21 a.m., Published: Sept. 23, 2024, 12:07 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-7490, CVE-2024-20017

Zyxel security advisory for buffer overflow vulnerabilities in some 5G NR CPE, DSL/Ethernet CPE, Fiber ONT, and Wi-Fi extender devices | Global | Zyxel Service Providers

Trust: 3.0

Fetched: Sept. 29, 2024, 10:20 a.m., Published: Sept. 29, 2024, midnight
 Vulnerabilities: buffer overflow
Affected productsExternal IDs

Exploitation of RAISECOM Gateway Devices Vulnerability CVE-2024-7120, (Tue, Sep 24th) - Cybersafe NV

Trust: 4.75

Fetched: Sept. 29, 2024, 10:19 a.m., Published: Sept. 24, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: tplink model: routers
vendor: tplink model: gateway
db: NVD ids: CVE-2024-7120

NVIDIA AI Container Toolkit Vulnerability Fix | Trend Micro (FI)

Trust: 4.5

Fetched: Sept. 29, 2024, 10:18 a.m., Published: Sept. 27, 2024, midnight
 Vulnerabilities: code execution, denial of service, information disclosure
Affected productsExternal IDs
vendor: trend micro model: security
vendor: trend model: security
db: NVD ids: CVE-2024-0132

Critical Linux bug is CUPS-based remote-code execution hole • The Register

Trust: 5.25

Fetched: Sept. 29, 2024, 10:18 a.m., Published: -
 Vulnerabilities: arbitrary command execution, buffer overflow, command execution...
Affected productsExternal IDs
vendor: canonical model: ubuntu
vendor: cups model: cups
db: NVD ids: CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, CVE-2024-47177

System BIOS komputerów Dell Inspiron 15 3511 i Vostro 15 3510 | Szczegóły sterownika | Dell Polska

Trust: 3.25

Fetched: Sept. 29, 2024, 10:17 a.m., Published: Sept. 10, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

NVIDIA AI Container Toolkit Vulnerability Fix

Trust: 4.75

Fetched: Sept. 29, 2024, 10:14 a.m., Published: Sept. 27, 2024, midnight
 Vulnerabilities: code execution, denial of service, information disclosure
Affected productsExternal IDs
vendor: trend model: security
db: NVD ids: CVE-2024-0132

Exploitation of RAISECOM Gateway Devices Vulnerability CVE-2024-7120 - SANS Internet Storm Center

Trust: 4.75

Fetched: Sept. 29, 2024, 10:14 a.m., Published: April 9, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: tplink model: routers
vendor: tplink model: gateway
db: NVD ids: CVE-2024-7120

Flax Typhoon: From IT to IoT; Calming the storm with runZero

Trust: 3.75

Fetched: Sept. 29, 2024, 10:12 a.m., Published: Sept. 26, 2024, noon
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security

Critical Flaw in Microchip ASF Exposes IoT Devices to Remote... - vulnerability database | Vulners.com

Trust: 4.75

Fetched: Sept. 29, 2024, 10:12 a.m., Published: Sept. 23, 2024, 9:58 a.m.
 Vulnerabilities: buffer overflow, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-7490, CVE-2024-20017

NVIDIA AI Container Toolkit Vulnerability Fix | Trend Micro (UK)

Trust: 4.5

Fetched: Sept. 29, 2024, 10:11 a.m., Published: Sept. 27, 2024, midnight
 Vulnerabilities: code execution, denial of service, information disclosure
Affected productsExternal IDs
vendor: trend micro model: security
vendor: trend model: security
db: NVD ids: CVE-2024-0132

Customer Advisory: New Remote Code Execution Vulnerability in printing facility (‘CUPS’) commonly found on Linux and similar systems | Ontinue

Trust: 4.25

Fetched: Sept. 29, 2024, 10:09 a.m., Published: Sept. 27, 2024, 9:11 a.m.
 Vulnerabilities: privilege escalation, code execution
Affected productsExternal IDs
vendor: apple model: cups
vendor: cups model: cups

NVIDIA AI Container Toolkit Vulnerability Fix | Trend Micro (US)

Trust: 4.5

Fetched: Sept. 29, 2024, 10:08 a.m., Published: Sept. 27, 2024, midnight
 Vulnerabilities: code execution, denial of service, information disclosure
Affected productsExternal IDs
vendor: trend micro model: security
vendor: trend model: security
db: NVD ids: CVE-2024-0132

Exploitation of RAISECOM Gateway Devices Vulnerability CVE-2024-7120, (Tue, Sep 24th) - Iron Castle Systems

Trust: 4.75

Fetched: Sept. 29, 2024, 10:03 a.m., Published: Sept. 24, 2024, 2:15 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: tplink model: routers
vendor: tplink model: gateway
db: NVD ids: CVE-2024-7120

Exploitation of RAISECOM Gateway Devices Vulnerability CVE-2024-7120 - SANS Internet Storm Center

Trust: 4.75

Fetched: Sept. 29, 2024, 10:02 a.m., Published: April 9, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: tplink model: routers
vendor: tplink model: gateway
db: NVD ids: CVE-2024-7120

CVE-2024-9166 - Apache Device Remote Command Execution Vulnerability

Trust: 4.25

Fetched: Sept. 29, 2024, 9:59 a.m., Published: Sept. 26, 2024, 5:15 p.m.
 Vulnerabilities: command execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-9166

CVE-2024-21416: Critical Windows TCP/IP Remote Code Execution Vulnerability Explained | Windows Forum

Trust: 5.0

Fetched: Sept. 29, 2024, 9:58 a.m., Published: May 29, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-21416

Cisco IOS Software on Cisco Industrial Ethernet Series Switches Access Control List Bypass Vulnerability - Cisco

Trust: 3.0

Fetched: Sept. 29, 2024, 9:52 a.m., Published: Sept. 25, 2024, 11:50 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: industrial ethernet series switches
vendor: cisco model: ios xe software
vendor: cisco model: series
vendor: cisco model: ios software
vendor: cisco model: ios xe
vendor: cisco model: industrial ethernet
vendor: cisco model: cisco ios
vendor: cisco model: series switches

What is a CVE?

Trust: 3.25

Fetched: Sept. 29, 2024, 9:51 a.m., Published: Sept. 4, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2019-1234567

Top Tools for Effective Vulnerability Scanning - Eurofins Digital Testing

Trust: 3.5

Fetched: Sept. 29, 2024, 9:49 a.m., Published: Sept. 11, 2024, 1:49 p.m.
 Vulnerabilities: cross-site scripting, sql injection
Affected productsExternal IDs
vendor: wireshark model: wireshark