VARIoT latest news about IoT security

Windows MSHTML Zero-Day Vulnerability Exploited In The Wild Trust: 3.0 Fetched: Sept. 16, 2024, 6:43 p.m., Published: Sept. 16, 2024, 1:50 p.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-43461, CVE-2024-38112

CVE-2024-33896 - Cosy+ Devices Code Injection Vulnerability Trust: 5.0 Fetched: Sept. 16, 2024, 6:43 p.m., Published: Aug. 2, 2024, 6:16 p.m.	Vulnerabilities: code injection

Affected products

External IDs

db:

NVD

ids:

CVE-2024-33896

CVE-2024-7581 - Tenda A301 Stack-Based Buffer Overflow Vulnerability Related entries in the VARIoT vulnerabilities database: VAR-202408-0167 Trust: 4.75 Fetched: Sept. 16, 2024, 6:42 p.m., Published: Aug. 7, 2024, 3:15 p.m.	Vulnerabilities: buffer overflow

Affected products

External IDs

db:

NVD

ids:

CVE-2024-7581

CVE-2024-45032 - Industrial Edge Management Device Token Impersonation Vulnerability Trust: 3.0 Fetched: Sept. 16, 2024, 6:41 p.m., Published: Sept. 10, 2024, 10:15 a.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-45032

Cisco IOS XR Software Network Convergence System Denial of Service Vulnerability Trust: 3.75 Fetched: Sept. 16, 2024, 6:40 p.m., Published: Sept. 11, 2024, 3:46 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	ios xr
vendor:	cisco	model:	ios xr software
vendor:	cisco	model:	network convergence system
vendor:	cisco	model:	cisco ios xr
vendor:	cisco	model:	cisco ios

Modules 13 - 17: Threats and Attacks Group Exam (Answers) Trust: 5.25 Fetched: Sept. 16, 2024, 6:39 p.m., Published: Aug. 31, 2024, 3:55 a.m.	Vulnerabilities: buffer overflow, session hijacking, resource exhaustion...

Affected products

External IDs

vendor:	cisco	model:	router
vendor:	cisco	model:	cisco ios

Cisco IOS XR Software Segment Routing for Intermediate System-to-Intermediate System Denial of Service Vulnerability - Cisco Trust: 3.75 Fetched: Sept. 16, 2024, 6:30 p.m., Published: Sept. 11, 2024, 11:36 a.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	ios software
vendor:	cisco	model:	ios xr
vendor:	cisco	model:	ios xr software
vendor:	cisco	model:	nx-os
vendor:	cisco	model:	nx-os software
vendor:	cisco	model:	router
vendor:	cisco	model:	cisco ios xr
vendor:	cisco	model:	cisco ios

Unquoted Executable Path Vulnerability Affects Hitachi Device Manager on Windows (CVE-2024-5963) \| SecurityVulnerability.io - SecuirtyVulnerability.io Trust: 4.0 Fetched: Sept. 16, 2024, 6:30 p.m., Published: Aug. 6, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	hitachi	model:	hitachi device manager
vendor:	hitachi	model:	device manager

db:

NVD

ids:

CVE-2024-5963

Microsoft Copilot Fixes ASCII Smuggling Vulnerability Trust: 3.0 Fetched: Aug. 30, 2024, 9:25 a.m., Published: Aug. 19, 2024, midnight	Vulnerabilities: injection attack

Affected products	External IDs

State-backed attackers and commercial surveillance vendors repeatedly use the same exploits Related entries in the VARIoT vulnerabilities database: VAR-202104-0753 Trust: 3.5 Fetched: Aug. 30, 2024, 9:23 a.m., Published: Aug. 29, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	chrome
vendor:	google	model:	google chrome

db:

NVD

ids:

CVE-2021-1879

Unpatched security cameras fuel 'Corona Mirai' botnet surge Related entries in the VARIoT vulnerabilities database: VAR-201803-1048, VAR-201505-0274 Trust: 3.75 Fetched: Aug. 30, 2024, 9:23 a.m., Published: Aug. 29, 2024, 2:17 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	trend	model:	security
vendor:	huawei	model:	huawei

db:

NVD

ids:

CVE-2017-17215, CVE-2014-8361, CVE-2024-7029

What is Malware? Prevention, Detection and How Attacks Work Trust: 3.5 Fetched: Aug. 30, 2024, 9:21 a.m., Published: Aug. 30, 2023, midnight	Vulnerabilities: service disruption

Affected products

External IDs

vendor:	google	model:	home
vendor:	google	model:	android
vendor:	google	model:	chrome
vendor:	trend micro	model:	internet security
vendor:	trend micro	model:	security
vendor:	trend micro	model:	antivirus
vendor:	trend	model:	internet security
vendor:	trend	model:	security
vendor:	trend	model:	antivirus
vendor:	sophos	model:	mobile
vendor:	sophos	model:	endpoint protection
vendor:	sophos	model:	firewall
vendor:	apple	model:	macos
vendor:	cisco	model:	router
vendor:	symantec	model:	endpoint protection
vendor:	symantec	model:	antivirus

8 Chrome Vulnerabilities and Actions to Secure Your Assets - Ordr Trust: 4.5 Fetched: Aug. 30, 2024, 9:20 a.m., Published: June 6, 2024, 3:15 p.m.	Vulnerabilities: heap corruption

Affected products

External IDs

vendor:	google	model:	google chrome
vendor:	google	model:	chrome

db:

NVD

ids:

CVE-2024-4947, CVE-2024-05198, CVE-2024-2886, CVE-2024-5274, CVE-2024-47618, CVE-2024-49478, CVE-2024-2887, CVE-2024-31598, CVE-2024-46719, CVE-2024-4761, CVE-2024-4671, CVE-2024-0519, CVE-2024-3159, CVE-2024-52748

CVE-2024-20446 \| Tenable® Trust: 5.75 Fetched: Aug. 30, 2024, 9:20 a.m., Published: Aug. 28, 2024, midnight	Vulnerabilities: denial of service, process crash

Affected products

External IDs

vendor:	cisco	model:	nx-os software
vendor:	cisco	model:	nx-os
vendor:	cisco	model:	cisco nx-os

db:

NVD

ids:

CVE-2024-20446

Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager Trust: 4.5 Fetched: Aug. 30, 2024, 9:19 a.m., Published: July 18, 2024, 6:01 a.m.	Vulnerabilities: path traversal, code execution

Affected products

External IDs

vendor:	cisco	model:	asyncos
vendor:	cisco	model:	advanced malware protection
vendor:	cisco	model:	cisco asyncos
vendor:	cisco	model:	nexus
vendor:	solarwinds	model:	serv-u
vendor:	google	model:	nexus

db:

NVD

ids:

CVE-2024-28995, CVE-2022-22948, CVE-2024-34102, CVE-2024-20419, CVE-2024-20401

IoT Security: A Call to Action for Improved Vulnerability Disclosure Trust: 4.5 Fetched: Aug. 30, 2024, 9:18 a.m., Published: Aug. 11, 2024, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

huawei

model:

huawei

IoT Security: A Call to Action for Improved Vulnerability Disclosure Trust: 4.5 Fetched: Aug. 30, 2024, 9:18 a.m., Published: Aug. 11, 2024, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

huawei

model:

huawei

Vulnerability in UniFi appliances? \| Ubiquiti Community Trust: 5.25 Fetched: Aug. 30, 2024, 9:17 a.m., Published: -	Vulnerabilities: buffer overflow

Affected products

External IDs

vendor:

ubiquiti

model:

unifi

db:

NVD

ids:

CVE-2022-39046

Zero Day Initiative - CVE-2024-37079: VMware vCenter Server Integer Underflow Code Execution Vulnerability Trust: 4.25 Fetched: Aug. 30, 2024, 9:17 a.m., Published: Aug. 28, 2024, 3 p.m.	Vulnerabilities: buffer overflow, code execution, heap corruption

Affected products

External IDs

vendor:	trendmicro	model:	security
vendor:	trend	model:	security
vendor:	trend micro	model:	security

db:

NVD

ids:

CVE-2024-37079

Flaw (Computer Vulnerability) \| Cyber Glossary Trust: 3.0 Fetched: Aug. 30, 2024, 9:16 a.m., Published: Oct. 12, 2024, midnight	Vulnerabilities: buffer overflow

Affected products	External IDs

VARIoT news about IoT security