Sign-up

VARIoT news about IoT security

Command Injection Vulnerability in "RAISECOM" Gateway Devices || CVE-2024-7120 POC - YouTube

Trust: 4.75

Fetched: Sept. 16, 2024, 7:35 p.m., Published: Aug. 30, 2024, 6 p.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-7120

CVE-2024-8190: Investigating CISA KEV Ivanti Cloud Service Appliance Command Injection Vulnerability

Trust: 4.5

Fetched: Sept. 16, 2024, 7:35 p.m., Published: Sept. 16, 2024, 11:26 p.m.
 Vulnerabilities: command injection, os command injection, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-8190

Critical Bluetooth vulnerability CVE-2023-45866 - YouTube

Trust: 3.25

Fetched: Sept. 16, 2024, 7:35 p.m., Published: July 7, 2024, 3:10 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-45866

CISA Adds Ivanti Cloud Services Appliance Vulnerability to Known Exploited Vulnerabilities Catalog (CVE-2024-8190)

Trust: 4.75

Fetched: Sept. 16, 2024, 7:34 p.m., Published: Sept. 16, 2024, 10:01 p.m.
 Vulnerabilities: command injection, os command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-8190

New Windows Zero-Day Exploited in Active Attacks | Black Hat Ethical Hacking

Trust: 4.75

Fetched: Sept. 16, 2024, 7:34 p.m., Published: Sept. 16, 2024, 9:26 a.m.
 Vulnerabilities: file execution
Affected productsExternal IDs
vendor: trend model: security
vendor: trend micro model: security
db: NVD ids: CVE-2024-43461

16th September - Threat Intelligence Report - Check Point Research

Trust: 5.5

Fetched: Sept. 16, 2024, 7:32 p.m., Published: Sept. 16, 2024, 11:56 a.m.
 Vulnerabilities: command injection, privilege escalation, code execution
Affected productsExternal IDs
vendor: check point model: check point
db: NVD ids: CVE-2024-38014, CVE-2024-8253, CVE-2024-8190, CVE-2024-43491, CVE-2024-29847

This devious malware looked to exploit braille characters to breach Windows security flaws | TechRadar

Trust: 4.0

Fetched: Sept. 16, 2024, 7:32 p.m., Published: Sept. 16, 2024, 2:02 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: check point model: check point
db: NVD ids: CVE-2024-43461

September 2024 Windows 11 KB5043076 KB5043067 Patches And 4 Zero Day Vulnerabilities 79 Flaws HTMD Blog

Trust: 3.5

Fetched: Sept. 16, 2024, 7:32 p.m., Published: Sept. 10, 2024, 5:52 p.m.
 Vulnerabilities: privilege escalation, information disclosure, security feature bypass...
Affected productsExternal IDs
db: NVD ids: CVE-2024-38217, CVE-2024-38226, CVE-2024-43491, CVE-2024-38014

Can Your Wi-Fi Get Hacked? Yes. Yes It Can. Here's How to Secure Your Network - CNET

Trust: 3.75

Fetched: Sept. 16, 2024, 7:30 p.m., Published: May 16, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: essential model: phone

Patch Tuesday September 2024: Upcoming Automatic Windows 11 22H2 Feature Update and EoS Windows 10 Security Update - N-able

Trust: 3.75

Fetched: Sept. 16, 2024, 7:28 p.m., Published: Sept. 12, 2024, 3:24 p.m.
 Vulnerabilities: security feature bypass, code execution, feature bypass
Affected productsExternal IDs
db: NVD ids: CVE-2024-43464, CVE-2024-38249, CVE-2020-17042, CVE-2024-38194, CVE-2024-38014, CVE-2024-38241, CVE-2024-38253, CVE-2024-38063, CVE-2024-38226, CVE-2024-38252, CVE-2024-43491, CVE-2024-38217, CVE-2024-38220, CVE-2024-38242, CVE-2024-38119, CVE-2024-38216, CVE-2024-38018

Protecting against digital disruption in manufacturing | Wipfli

Trust: 3.75

Fetched: Sept. 16, 2024, 7:28 p.m., Published: Sept. 16, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: essential model: phone

The paranoid's guide to securing your smart home | PCWorld

Trust: 3.5

Fetched: Sept. 16, 2024, 7:27 p.m., Published: Sept. 10, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home
vendor: google model: google home

SonicWall devices are coming under attack from major assault | TechRadar

Trust: 5.0

Fetched: Sept. 16, 2024, 7:27 p.m., Published: Sept. 10, 2024, 11:07 a.m.
 Vulnerabilities: improper access control, access control vulnerability
Affected productsExternal IDs
vendor: sonicwall model: sonicos
db: NVD ids: CVE-2024-40766

Multiple attacks force CISA to order agencies to upgrade or remove end-of-life Ivanti appliance

Trust: 3.25

Fetched: Sept. 16, 2024, 7:25 p.m., Published: Sept. 14, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-8190

Arctic Wolf Observes Akira Ransomware Campaign Targeting SonicWall SSLVPN Accounts | Arctic Wolf

Trust: 4.75

Fetched: Sept. 16, 2024, 7:24 p.m., Published: Sept. 6, 2024, 8:38 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: sonicwall model: sonicos
vendor: sonicwall model: soho
vendor: sonicwall model: ssl-vpn
db: NVD ids: CVE-2024-40766

ERROR: The request could not be satisfied

Trust: 3.25

Fetched: Sept. 16, 2024, 7:23 p.m., Published: -
 Vulnerabilities: configuration error
Affected productsExternal IDs

INTEL-SA-01071

Trust: 4.75

Fetched: Sept. 16, 2024, 7:22 p.m., Published: Sept. 6, 2024, 8:35 p.m.
 Vulnerabilities: improper access control, information disclosure, denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2023-43753, CVE-2023-22351, CVE-2023-42772, CVE-2024-21829, CVE-2023-23904, CVE-2023-25546, CVE-2024-21871, CVE-2023-41833, CVE-2023-43626, CVE-2024-21781, CVE-2024-23599

Wifi Vulnerability Affecting Windows Devices CVE-2024-30078 Explained. Update Now! - YouTube

Trust: 4.0

Fetched: Sept. 16, 2024, 7:22 p.m., Published: Aug. 16, 2024, 9:08 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: wifi
db: NVD ids: CVE-2024-30078

Falcon Content Update Remediation and Guidance Hub | CrowdStrike

Trust: 3.75

Fetched: Sept. 16, 2024, 7:22 p.m., Published: Sept. 10, 2024, 1:43 p.m.
 Vulnerabilities: system crash
Affected productsExternal IDs
vendor: canary model: canary

IoT Security: A Call to Action for Improved Vulnerability Disclosure

Trust: 4.5

Fetched: Sept. 16, 2024, 7:19 p.m., Published: Sept. 11, 2024, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: huawei model: huawei