VARIoT news about IoT security

Trust: 4.5

Fetched: July 27, 2024, 7:02 p.m., Published: -
Vulnerabilities: code execution
Affected productsExternal IDs
vendor: baxter model: sigma spectrum infusion system
vendor: baxter model: spectrum infusion system
vendor: baxter model: prismaflex
vendor: baxter model: prismax
vendor: treck model: tcp/ip stack
db: NVD ids: CVE-2019-0708

Trust: 5.25

Fetched: July 27, 2024, 7:02 p.m., Published: July 2, 2024, 8:15 a.m.
Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2023-41921
Related entries in the VARIoT vulnerabilities database: VAR-202401-0919

Trust: 5.5

Fetched: July 27, 2024, 7:02 p.m., Published: July 2, 2024, 4:48 a.m.
Vulnerabilities: path traversal, code execution, command injection...
Affected productsExternal IDs
vendor: cisco model: nx-os software
vendor: cisco model: nx-os
vendor: cisco model: nexus
vendor: cisco model: series switches
vendor: cisco model: mds 9000 series
vendor: cisco model: nexus 9000 series
vendor: cisco model: nexus devices
vendor: cisco model: series
vendor: cisco model: mds 9000
vendor: cisco model: nexus 3000
vendor: cisco model: routers
vendor: cisco model: nexus 7000
vendor: cisco model: nexus 9000
vendor: cisco model: cisco nx-os
vendor: d-link model: dir-859
db: NVD ids: CVE-2024-20399, CVE-2024-0769
Related entries in the VARIoT vulnerabilities database: VAR-202309-2171

Trust: 5.5

Fetched: July 27, 2024, 7:01 p.m., Published: July 3, 2024, 10:01 a.m.
Vulnerabilities: code execution
Affected productsExternal IDs
vendor: rockwell model: automation panelview plus
vendor: rockwell model: factorytalk view
vendor: rockwell model: factorytalk
vendor: rockwell model: automation panelview
vendor: rockwell model: rslogix
vendor: rockwell automation model: automation panelview plus
vendor: rockwell automation model: factorytalk view
vendor: rockwell automation model: factorytalk
vendor: rockwell automation model: automation panelview
vendor: rockwell automation model: rslogix
db: NVD ids: CVE-2023-2071

Trust: 3.5

Fetched: July 27, 2024, 7:01 p.m., Published: July 19, 2024, 2:54 p.m.
Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android
vendor: samsung model: galaxy
vendor: samsung model: samsung galaxy
db: NVD ids: CVE-2024-29745, CVE-2024-32896

Trust: 5.25

Fetched: July 27, 2024, 6:58 p.m., Published: July 26, 2024, 8:15 p.m.
Vulnerabilities: improper validation
Affected productsExternal IDs
db: NVD ids: CVE-2024-4786

Trust: 3.75

Fetched: July 27, 2024, 6:50 p.m., Published: July 17, 2024, 4 p.m.
Vulnerabilities: file upload vulnerability
Affected productsExternal IDs
vendor: cisco model: identity services engine
vendor: cisco model: cisco identity services engine

Trust: 3.0

Fetched: July 27, 2024, 6:44 p.m., Published: July 16, 2024, midnight
Vulnerabilities: -
Affected productsExternal IDs
Related entries in the VARIoT vulnerabilities database: VAR-201609-0149

Trust: 3.5

Fetched: July 27, 2024, 6:38 p.m., Published: July 5, 2024, midnight
Vulnerabilities: -
Affected productsExternal IDs
vendor: asus model: asus
vendor: lenovo model: updates
db: NVD ids: CVE-2016-5247

Trust: 3.0

Fetched: July 27, 2024, 6:38 p.m., Published: -
Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-3596

Trust: 3.5

Fetched: July 27, 2024, 6:31 p.m., Published: Oct. 27, 2024, midnight
Vulnerabilities: cross-site scripting, sql injection, command injection...
Affected productsExternal IDs

Trust: 3.5

Fetched: July 27, 2024, 6:30 p.m., Published: July 27, 2044, midnight
Vulnerabilities: denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2024-30046

Trust: 3.75

Fetched: July 27, 2024, 6:27 p.m., Published: July 21, 2024, 12:21 a.m.
Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android
vendor: samsung model: galaxy
vendor: samsung model: samsung galaxy
db: NVD ids: CVE-2024-29745, CVE-2024-32896

Trust: 3.75

Fetched: July 27, 2024, 6:25 p.m., Published: July 6, 2024, midnight
Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android
vendor: samsung model: galaxy
db: NVD ids: CVE-2024-29745, CVE-2024-32896

Trust: 5.25

Fetched: July 27, 2024, 6:23 p.m., Published: Aug. 24, 2030, midnight
Vulnerabilities: cross-site request forgery, information leak, denial of service...
Affected productsExternal IDs
vendor: canary model: canary
vendor: scada model: bacnet opc client
vendor: scada model: engine bacnet opc client
vendor: kmc controls model: bac-5051e
vendor: scada engine model: bacnet opc client
vendor: scada engine model: engine bacnet opc client
vendor: carel model: pcoweb
vendor: lutron model: quantum bacnet integration
vendor: siemens model: pxc00-e.d
vendor: siemens model: climatix bacnet/ip
vendor: siemens model: simotics connect 400
vendor: siemens model: pxc200-e.d
vendor: siemens model: apogee pxc
vendor: siemens model: pxc128-u
vendor: siemens model: nucleus readystart
vendor: siemens model: vstar
vendor: siemens model: apogee pxc compact
vendor: siemens model: apogee mbc
vendor: siemens model: pxm20-e
vendor: siemens model: pxc001-e.d
vendor: siemens model: pxc00-u
vendor: siemens model: pxc100-e.d
vendor: siemens model: pxc22.1-e.d
vendor: siemens model: pxc64-u
vendor: siemens model: apogee mec
vendor: siemens model: talon tc modular
vendor: siemens model: pxc50-e.d
vendor: siemens model: nucleus source code
vendor: siemens model: talon tc bacnet automation controllers
vendor: siemens model: simotics connect
vendor: siemens model: talon tc
vendor: siemens model: nucleus
vendor: siemens model: pxc36.1-e.d
vendor: siemens model: desigo pxm20
vendor: siemens model: talon tc compact
vendor: siemens model: nucleus net
vendor: siemens model: apogee pxc modular
db: NVD ids: CVE-2020-7574, CVE-2021-31882, CVE-2018-7278, CVE-2016-4495, CVE-2021-31888, CVE-2020-15795, CVE-2015-0980, CVE-2024-4511, CVE-2021-31881, CVE-2020-27738, CVE-2021-31884, CVE-2022-37122, CVE-2020-7575, CVE-2020-27009, CVE-2021-41545, CVE-2018-7277, CVE-2021-31890, CVE-2021-31344, CVE-2020-27737, CVE-2022-45937, CVE-2021-31345, CVE-2020-27736, CVE-2015-0981, CVE-2018-10238, CVE-2021-31886, CVE-2020-28388, CVE-2018-7276, CVE-2015-0979, CVE-2017-9946, CVE-2023-51773, CVE-2021-31885, CVE-2019-12480, CVE-2023-38405, CVE-2021-27391, CVE-2020-7233, CVE-2017-9947, CVE-2022-38371, CVE-2021-31883, CVE-2015-4174, CVE-2024-4292, CVE-2021-31346, CVE-2010-4740, CVE-2018-8880, CVE-2021-31889, CVE-2018-18878, CVE-2024-4791, CVE-2016-4494, CVE-2021-25677, CVE-2021-31887

Trust: 3.75

Fetched: July 27, 2024, 6:22 p.m., Published: July 27, 2023, midnight
Vulnerabilities: command injection, os command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-21887, CVE-2024-3400, CVE-2024-20399

Trust: 5.25

Fetched: July 27, 2024, 6:21 p.m., Published: Aug. 24, 2030, midnight
Vulnerabilities: denial of service, improper validation, information disclosure...
Affected productsExternal IDs
vendor: willcom model: wi-fi application
vendor: samsung model: mobile
vendor: samsung model: note
vendor: samsung model: mobile phones
vendor: samsung model: mobile devices
vendor: softbank model: wi-fi application
vendor: softbank model: wi-fi spot configuration software
vendor: softbank model: wisprclient
vendor: huawei model: mobile partner
vendor: huawei model: huawei
vendor: cisco model: jabber
vendor: cisco model: cisco anyconnect secure mobility client
vendor: cisco model: cisco jabber
vendor: cisco model: access points
vendor: cisco model: anyconnect vpn client
vendor: cisco model: anyconnect secure mobility client
vendor: cisco model: vpn client
vendor: cisco model: routers
db: NVD ids: CVE-2020-26085, CVE-2018-6968, CVE-2020-1204, CVE-2021-1569, CVE-2007-0111, CVE-2022-23167, CVE-2021-1417, CVE-2013-2310, CVE-2007-0878, CVE-2020-0989, CVE-2020-27127, CVE-2021-24084, CVE-2020-27132, CVE-2014-8359, CVE-2010-2990, CVE-2020-1372, CVE-2011-2039, CVE-2007-3445, CVE-2021-43880, CVE-2024-30001, CVE-2021-1570, CVE-2020-1330, CVE-2024-30012, CVE-2017-10168, CVE-2008-4540, CVE-2007-0685, CVE-2024-30003, CVE-2024-4944, CVE-2024-30004, CVE-2024-30021, CVE-2009-0244, CVE-2006-4614, CVE-2019-1314, CVE-2024-30000, CVE-2007-2883, CVE-2006-6902, CVE-2021-1471, CVE-2020-0854, CVE-2011-2041, CVE-2006-6908, CVE-2024-29997, CVE-2022-47577, CVE-2021-1469, CVE-2023-38186, CVE-2007-3351, CVE-2015-0925, CVE-2024-30005, CVE-2021-1411, CVE-2022-33711, CVE-2016-3302, CVE-2008-4295, CVE-2021-1418, CVE-2024-29998, CVE-2024-29999, CVE-2007-5460, CVE-2024-31215, CVE-2007-3362, CVE-2024-26220, CVE-2022-21992, CVE-2017-9247, CVE-2020-27134, CVE-2005-0324, CVE-2020-8948, CVE-2020-27133, CVE-2024-30002, CVE-2020-1405, CVE-2007-5493, CVE-2007-0674

Trust: 4.0

Fetched: July 27, 2024, 6:16 p.m., Published: July 9, 2024, midnight
Vulnerabilities: -
Affected productsExternal IDs
vendor: asus model: routers
vendor: asus model: asus
db: NVD ids: CVE-2024-3912

Trust: 4.0

Fetched: July 27, 2024, 6:09 p.m., Published: July 9, 2024, midnight
Vulnerabilities: -
Affected productsExternal IDs
vendor: asus model: asus
vendor: asus model: router
db: NVD ids: CVE-2024-3080

Trust: 3.5

Fetched: July 27, 2024, 6:06 p.m., Published: July 26, 2024, 8:42 a.m.
Vulnerabilities: code execution
Affected productsExternal IDs
vendor: lenovo model: bios
vendor: lenovo model: updates
vendor: lenovo model: system
vendor: dell model: bios