VARIoT latest news about IoT security

Qualys Survey of Top 10 Exploited Vulnerabilities in 2023 \| Qualys Security Blog Related entries in the VARIoT vulnerabilities database: VAR-202303-2580 Trust: 5.25 Fetched: May 22, 2024, 10:18 a.m., Published: Sept. 26, 2023, 1:04 p.m.	Vulnerabilities: security feature bypass, authentication bypass, remote command injection...

Affected products

External IDs

vendor:	barracuda	model:	barracuda
vendor:	barracuda networks	model:	barracuda

db:

NVD

ids:

CVE-2023-2868, CVE-2023-24880, CVE-2023-23397, CVE-2023-28252, CVE-2023-20887, CVE-2023-34362, CVE-2023-0669, CVE-2023-22952, CVE-2023-27350, CVE-2023-29059

Security vulnerabilities found affecting more than 80,000 Western Digital My Cloud NAS devices. Update now! - Comparitech Trust: 3.5 Fetched: May 22, 2024, 10:17 a.m., Published: Nov. 13, 2020, 11 a.m.	Vulnerabilities: command injection, code execution, directory traversal

Affected products

External IDs

db:

NVD

ids:

CVE-2020-25765, CVE-2020-27160, CVE-2020-27158, CVE-2020-27744, CVE-2020-27159

HHS offers $50M to help providers patch ransomware vulnerabilities \| Healthcare IT News Trust: 3.0 Fetched: May 22, 2024, 10:12 a.m., Published: May 20, 2024, 8:26 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

trend

model:

security

System BIOS komputera Alienware Aurora Ryzen Edition \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: May 22, 2024, 10:11 a.m., Published: May 19, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

NETGEAR ReadyNAS Remote Unauthenticated Command Execution \| Tenable® Trust: 3.75 Fetched: May 22, 2024, 10:11 a.m., Published: April 2, 2024, midnight	Vulnerabilities: command execution

Affected products

External IDs

vendor:	perl	model:	perl
vendor:	netgear	model:	raidiator

The D-Link NAS device has a critical RCE vulnerability that affects tens of thousands of users - laitimes Related entries in the VARIoT vulnerabilities database: VAR-202404-0070 Trust: 5.75 Fetched: May 22, 2024, 10:10 a.m., Published: April 9, 2024, 11:04 a.m.	Vulnerabilities: denial of service, command injection, code execution

Affected products

External IDs

vendor:	d-link	model:	dns-325
vendor:	d-link	model:	dns-320l
vendor:	d-link	model:	dns-327l
vendor:	d-link	model:	dns-340l

db:

NVD

ids:

CVE-2024-3273

System BIOS komputera Dell OptiPlex 7450 AIO \| Szczegóły sterownika \| Dell Polska Trust: 3.0 Fetched: May 22, 2024, 10:09 a.m., Published: May 22, 7450, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	dell	model:	optiplex
vendor:	dell	model:	bios
vendor:	dell	model:	optiplex 7450 aio

Information \| Free Full-Text \| Blockchain-Enhanced Sensor-as-a-Service (SEaaS) in IoT: Leveraging Blockchain for Efficient and Secure Sensing Data Transactions Trust: 3.75 Fetched: May 22, 2024, 10:07 a.m., Published: April 10, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

trend

model:

security

Xiaomi Android Devices Multiple Vulnerabilities Across Apps and System Components - 20240507002 - WA Cyber Security Unit (DGOV Technical) Trust: 5.0 Fetched: May 22, 2024, 10:07 a.m., Published: -	Vulnerabilities: command injection

Affected products

External IDs

vendor:

xiaomi

model:

miui

System BIOS komputera Dell OptiPlex 7450 AIO \| Szczegóły sterownika \| Dell Polska Trust: 3.0 Fetched: May 22, 2024, 10:02 a.m., Published: May 22, 7450, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	dell	model:	optiplex
vendor:	dell	model:	bios
vendor:	dell	model:	optiplex 7450 aio

Beware of These Hardware Security Vulnerabilities \| Compass Computer Group, Inc. Trust: 4.25 Fetched: May 22, 2024, 10:02 a.m., Published: -	Vulnerabilities: default password

Affected products	External IDs

Baldur Trust: 3.5 Fetched: May 22, 2024, 10:01 a.m., Published: April 25, 2024, midnight	Vulnerabilities: authentication bypass, memory corruption, buffer overflow...

Affected products

External IDs

vendor:

canary

model:

canary

Hide Expert VPN \| New Wi-Fi vulnerabilities expose Android and Linux devices to hackers Trust: 3.25 Fetched: May 22, 2024, 10 a.m., Published: May 2, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2023-52160, CVE-2023-52161

IoT & Connected Devices: Applications, Examples, Security & Future of Ads Trust: 3.25 Fetched: May 22, 2024, 9:59 a.m., Published: March 7, 2024, 10:50 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	iphone
vendor:	apple	model:	watch
vendor:	google	model:	home
vendor:	google	model:	android
vendor:	google	model:	google home
vendor:	roku	model:	streaming stick
vendor:	roku	model:	roku
vendor:	amazon	model:	fire tv

Beware of These Hardware Security Vulnerabilities \| TechSubluxation Trust: 4.25 Fetched: May 22, 2024, 9:59 a.m., Published: -	Vulnerabilities: default password

Affected products	External IDs

Cyber Security News Weekly Round-Up: Cyber Attacks, Vulnerabilities, Threats & New Cyber Stories Trust: 5.25 Fetched: May 22, 2024, 9:58 a.m., Published: May 3, 2024, midnight	Vulnerabilities: default password, code execution

Affected products

External IDs

vendor:	cisco	model:	industrial ethernet
vendor:	cisco	model:	meeting
vendor:	google	model:	chrome
vendor:	zoom	model:	client

db:

NVD

ids:

CVE-2024-25153, CVE-2024-21762, CVE-2024-2371, CVE-2024-27199, CVE-2024-27198, CVE-2024-24691, CVE-2024-2625

CVE-2021-47192 scsi: core: sysfs: Fix hang when device state... - vulnerability database \| Vulners.com Trust: 3.0 Fetched: May 22, 2024, 9:56 a.m., Published: April 10, 2024, 6:56 p.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-47192

stack.watch 👀 CVE-2024-3272 Related entries in the VARIoT vulnerabilities database: VAR-202404-0069 Trust: 5.5 Fetched: May 22, 2024, 9:56 a.m., Published: May 22, 2024, midnight	Vulnerabilities: command injection, code execution

Affected products

External IDs

vendor:	d-link	model:	dns-325
vendor:	d-link	model:	dns-320l
vendor:	d-link	model:	dns-327l
vendor:	d-link	model:	dns-340l

db:

NVD

ids:

CVE-2024-3272

Dell Precision 3581 System BIOS \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: May 22, 2024, 9:56 a.m., Published: May 22, 3581, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

Vulnerabilities in D-Link NAS Devices: A Gateway for Malicious Exploits - Owlysec - Cyber Security News Related entries in the VARIoT vulnerabilities database: VAR-202404-0069, VAR-202404-0070 Trust: 4.5 Fetched: May 22, 2024, 9:54 a.m., Published: April 9, 2024, 3:13 p.m.	Vulnerabilities: command injection, command execution, arbitrary command execution

Affected products

External IDs

vendor:	palo alto networks	model:	networks
vendor:	palo alto networks	model:	firewall
vendor:	palo	model:	networks
vendor:	palo	model:	firewall
vendor:	d-link	model:	dns-327l
vendor:	d-link	model:	dns-340l
vendor:	d-link	model:	dns-325
vendor:	d-link	model:	dns-320l

db:

NVD

ids:

CVE-2024-3272, CVE-2024-3273

VARIoT news about IoT security