VARIoT latest news about IoT security

Critical Vulnerability in PHP-CGI (CVE-2024-4577) Trust: 3.75 Fetched: Aug. 30, 2024, 9:15 a.m., Published: June 6, 2024, midnight	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2024-4577

Shimano Di2 vulnerability: let’s talk about device security in sports - Riscure Trust: 3.75 Fetched: Aug. 30, 2024, 9:13 a.m., Published: Aug. 23, 2024, 10:53 a.m.	Vulnerabilities: replay attack

Affected products

External IDs

vendor:

parallels

model:

tools

Cisco NX-OS Software Command Injection Vulnerability - Cisco Trust: 5.0 Fetched: Aug. 30, 2024, 9:12 a.m., Published: Aug. 28, 2024, 11:15 a.m.	Vulnerabilities: command injection

Affected products

External IDs

vendor:	cisco	model:	nexus 1000v
vendor:	cisco	model:	nx-os
vendor:	cisco	model:	nexus 7000
vendor:	cisco	model:	series switches
vendor:	cisco	model:	1000v
vendor:	cisco	model:	series
vendor:	cisco	model:	nexus 3000
vendor:	cisco	model:	nexus 9000
vendor:	cisco	model:	nx-os software
vendor:	cisco	model:	cisco nx-os
vendor:	cisco	model:	nexus 9000 series
vendor:	cisco	model:	nexus

Cisco NX-OS Software DHCPv6 Relay Agent Denial of Service Vulnerability Trust: 4.0 Fetched: Aug. 30, 2024, 9:12 a.m., Published: Aug. 28, 2024, 3:51 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	nexus 1000v
vendor:	cisco	model:	nx-os
vendor:	cisco	model:	nexus 7000
vendor:	cisco	model:	series switches
vendor:	cisco	model:	1000v
vendor:	cisco	model:	series
vendor:	cisco	model:	nexus 3000
vendor:	cisco	model:	nexus 9000
vendor:	cisco	model:	nx-os software
vendor:	cisco	model:	cisco nx-os
vendor:	cisco	model:	nexus 9000 series
vendor:	cisco	model:	nexus

Alienware Aurora R15 AMD System BIOS \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Aug. 28, 2024, 9:37 a.m., Published: Aug. 28, 2024, 3 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

Dell OptiPlex 7450 All-In-One System BIOS \| Szczegóły sterownika \| Dell Polska Trust: 3.0 Fetched: Aug. 28, 2024, 9:36 a.m., Published: Aug. 28, 7450, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	dell	model:	bios
vendor:	dell	model:	optiplex

Dell Latitude 5350 System BIOS \| Szczegóły sterownika \| Dell Polska Trust: 3.0 Fetched: Aug. 28, 2024, 9:35 a.m., Published: Aug. 28, 5350, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	dell	model:	latitude
vendor:	dell	model:	bios

Critical Vulnerability in D-Link Devices Could Lead to Command Injection (CVE-2024-7715) \| SecurityVulnerability.io - SecuirtyVulnerability.io Trust: 6.0 Fetched: Aug. 28, 2024, 9:31 a.m., Published: -	Vulnerabilities: command injection

Affected products

External IDs

vendor:	d-link	model:	dnr-326
vendor:	d-link	model:	dnr-322l
vendor:	d-link	model:	dns-325
vendor:	d-link	model:	dns-323
vendor:	d-link	model:	dns-340l
vendor:	d-link	model:	dns-327l
vendor:	d-link	model:	dns-320lw
vendor:	d-link	model:	dns-345
vendor:	d-link	model:	dns-320
vendor:	d-link	model:	dns-320l

db:

NVD

ids:

CVE-2024-7715

Alienware Area-51m R2 System BIOS \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Aug. 28, 2024, 9:31 a.m., Published: Aug. 27, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access Trust: 4.5 Fetched: Aug. 28, 2024, 9:29 a.m., Published: Aug. 26, 2024, 2:33 p.m.	Vulnerabilities: improper access control, access control vulnerability, access control bug

Affected products

External IDs

vendor:	google	model:	nexus
vendor:	sonicwall	model:	secure mobile access
vendor:	sonicwall	model:	remote access
vendor:	sonicwall	model:	switch
vendor:	sonicwall	model:	sonicos
vendor:	sonicwall	model:	soho
vendor:	cisco	model:	nexus
vendor:	cisco	model:	soho

db:

NVD

ids:

CVE-2024-40766

Huawei EulerOS: Security Advisory for device-mapper-multipat... - vulnerability database \| Vulners.com Trust: 4.75 Fetched: Aug. 28, 2024, 9:29 a.m., Published: Aug. 22, 2024, midnight	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:

huawei

model:

huawei

db:

NVD

ids:

CVE-2022-41973, CVE-2022-41974

SonicWall pushes patch for critical vulnerability in SonicOS platform \| CyberScoop Trust: 3.75 Fetched: Aug. 28, 2024, 9:29 a.m., Published: Aug. 26, 2024, 3:58 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	sonicwall	model:	secure mobile access
vendor:	sonicwall	model:	sonicos
vendor:	sonicwall	model:	soho

db:

NVD

ids:

CVE-2024-40766

SonicWall patches critical vulnerability in several firewalls Trust: 5.0 Fetched: Aug. 28, 2024, 9:28 a.m., Published: Aug. 27, 2024, midnight	Vulnerabilities: improper access control, access control vulnerability

Affected products

External IDs

vendor:

sonicwall

model:

sonicos

db:

NVD

ids:

CVE-2024-40766

Critical SonicWall SonicOS vulnerability fixed \| SC Media Trust: 5.5 Fetched: Aug. 28, 2024, 9:22 a.m., Published: June 11, 2024, 5 p.m.	Vulnerabilities: improper access control, access control vulnerability

Affected products

External IDs

vendor:	sonicwall	model:	switch
vendor:	sonicwall	model:	sonicos

db:

NVD

ids:

CVE-2024-40766

Product Notice: Improper Access Control Vulnerability in SonicOS \| SonicWall Trust: 3.75 Fetched: Aug. 28, 2024, 9:22 a.m., Published: -	Vulnerabilities: improper access control, access control vulnerability

Affected products

External IDs

vendor:	sonicwall	model:	sonicos
vendor:	sonicwall	model:	soho

Intel® Active Management Technology (Intel® AMT) and... Trust: 3.0 Fetched: Aug. 27, 2024, 9:25 a.m., Published: July 28, 2020, 5:04 p.m.	Vulnerabilities: information disclosure, denial of service

Affected products	External IDs

Protecting Kaspersky Endpoint Security for Android against removal Trust: 3.0 Fetched: Aug. 27, 2024, 9:23 a.m., Published: April 27, 2019, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	samsung	model:	samsung
vendor:	samsung	model:	mobile

The Facts Behind Smart Home Hacking (and How to Stop Worrying) - CNET Trust: 3.25 Fetched: Aug. 27, 2024, 9:10 a.m., Published: May 27, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	huawei	model:	huawei
vendor:	dahua	model:	camera
vendor:	tp-link	model:	routers

Update now! Google Pixel vulnerability is under active exploitation \| Malwarebytes Trust: 3.75 Fetched: Aug. 27, 2024, 9:07 a.m., Published: June 13, 2024, 1:33 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	pixel

db:

NVD

ids:

CVE-2024-32896

Kaspersky finds 24 vulnerabilities in Chinese biometric access systems Trust: 3.75 Fetched: Aug. 27, 2024, 9:06 a.m., Published: June 11, 2024, 11 a.m.	Vulnerabilities: sql injection

Affected products

External IDs

db:

NVD

ids:

CVE-2023-3942, CVE-2023-3940, CVE-2023-3939, CVE-2023-3938, CVE-2023-3943, CVE-2023-3941

VARIoT news about IoT security