Sign-up

VARIoT news about IoT security

ERROR: The request could not be satisfied

Trust: 3.25

Fetched: May 17, 2024, 9:51 a.m., Published: -
 Vulnerabilities: configuration error
Affected productsExternal IDs

Novel attack against virtually all VPN apps neuters their entire purpose | Ars Technica

Related entries in the VARIoT vulnerabilities database: VAR-202405-0458

Trust: 3.0

Fetched: May 17, 2024, 9:50 a.m., Published: May 6, 2024, 8:35 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-3661

New WiFi Vulnerability: The SSID Confusion Attack

Trust: 4.0

Fetched: May 17, 2024, 9:49 a.m., Published: May 14, 2024, midnight
 Vulnerabilities: traffic interception
Affected productsExternal IDs
vendor: mesh model: mesh

'Dirty Stream' attack: Tips to enhance security on Android devices

Trust: 4.5

Fetched: May 17, 2024, 9:48 a.m., Published: May 6, 2024, 12:45 p.m.
 Vulnerabilities: code execution, path traversal
Affected productsExternal IDs
vendor: samsung model: galaxy
vendor: samsung model: samsung galaxy
vendor: google model: android

Urgent Action Needed: Critical Vulnerabilities Found in D-Link NAS Devices - PhoneWorld

Related entries in the VARIoT vulnerabilities database: VAR-202404-0070, VAR-202404-0069

Trust: 4.75

Fetched: May 17, 2024, 9:46 a.m., Published: May 15, 2024, 6:38 a.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: d-link model: dns-325
vendor: d-link model: dns-327l
vendor: d-link model: dns-340l
vendor: d-link model: dns-320l
db: NVD ids: CVE-2024-3273, CVE-2024-3272

CVE-2024-20378 - vulnerability database | Vulners.com

Trust: 3.75

Fetched: May 17, 2024, 9:46 a.m., Published: May 1, 2024, 4:41 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: ip phone
vendor: cisco model: cisco ip phone firmware
db: NVD ids: CVE-2024-20378

What is NFC and how does it work? Here's everything you need to know

Trust: 3.25

Fetched: May 17, 2024, 9:42 a.m., Published: May 12, 2024, 7:49 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: home assistant model: home assistant
vendor: samsung model: mobile
vendor: apple model: iphone
vendor: apple model: watch
vendor: google model: android
vendor: google model: nexus
vendor: google model: home

Government warns against a vulnerability in Android devices, could allow hackers to steal personal information - India Today

Trust: 3.0

Fetched: May 17, 2024, 9:39 a.m., Published: May 14, 2024, 6:57 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

JCP | Free Full-Text | Understanding and Classifying Permanent Denial-of-Service Attacks

Related entries in the VARIoT vulnerabilities database: VAR-201905-1066, VAR-201904-0320, VAR-201612-0015, VAR-201803-1048

Trust: 4.25

Fetched: May 17, 2024, 9:38 a.m., Published: May 11, 2024, midnight
 Vulnerabilities: command execution, denial of service, command injection...
Affected productsExternal IDs
vendor: netgear model: router
vendor: netgear model: r6250
vendor: parallels model: tools
vendor: parallels model: desktop
vendor: tp-link model: routers
vendor: mikrotik model: router
vendor: mikrotik model: routers
db: NVD ids: CVE-2022-23968, CVE-2019-10999, CVE-2019-3929, CVE-2016-6277, CVE-2017-17215

Cisco Secure Client for Windows with Network Access Manager Module Privilege Escalation Vulnerability

Trust: 4.25

Fetched: May 17, 2024, 9:36 a.m., Published: May 15, 2024, 3:50 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs

About the security content of macOS Sonoma 14.4 - Apple Support

Trust: 4.25

Fetched: May 17, 2024, 9:33 a.m., Published: May 14, 2024, midnight
 Vulnerabilities: code execution, buffer overflow, authentication issue...
Affected productsExternal IDs
vendor: trend model: security
vendor: trend micro model: security
vendor: apple model: safari
vendor: apple model: webkit
vendor: apple model: macos
db: NVD ids: CVE-2024-23283, CVE-2024-23274, CVE-2024-23241, CVE-2024-23259, CVE-2024-27789, CVE-2024-23265, CVE-2024-23267, CVE-2024-23268, CVE-2024-23255, CVE-2024-23234, CVE-2024-23293, CVE-2024-23226, CVE-2024-23277, CVE-2024-23205, CVE-2024-23296, CVE-2024-23242, CVE-2024-23288, CVE-2024-23287, CVE-2024-23260, CVE-2024-23229, CVE-2024-23269, CVE-2023-51385, CVE-2024-23285, CVE-2024-23279, CVE-2024-23264, CVE-2024-23294, CVE-2024-23232, CVE-2024-23276, CVE-2024-23263, CVE-2024-23225, CVE-2024-23246, CVE-2024-23216, CVE-2024-23270, CVE-2024-23291, CVE-2024-23248, CVE-2024-23286, CVE-2023-48795, CVE-2024-23250, CVE-2024-23266, CVE-2023-42853, CVE-2024-23281, CVE-2024-23258, CVE-2024-23244, CVE-2024-23235, CVE-2024-23239, CVE-2024-23230, CVE-2024-23275, CVE-2024-23278, CVE-2024-23231, CVE-2024-23273, CVE-2024-23284, CVE-2022-42816, CVE-2024-23247, CVE-2024-23257, CVE-2024-23290, CVE-2024-23245, CVE-2024-23292, CVE-2024-23272, CVE-2024-23238, CVE-2023-51384, CVE-2024-23249, CVE-2024-23254, CVE-2024-23227, CVE-2024-0258, CVE-2024-23280, CVE-2024-23253, CVE-2024-23289, CVE-2024-23233, CVE-2022-48554

Cisco Crosswork Network Services Orchestrator Privilege Escalation Vulnerability

Trust: 3.0

Fetched: May 17, 2024, 9:31 a.m., Published: May 15, 2024, 3:50 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs

Millions of IoT Devices at Risk From Integrated Modem

Trust: 4.5

Fetched: May 17, 2024, 9:31 a.m., Published: May 5, 2024, midnight
 Vulnerabilities: privilege escalation, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2023-47616, CVE-2023-47610, CVE-2023-47611

Xiaomi Phones Affected By 20+ Security Vulnerabilities

Trust: 3.75

Fetched: May 17, 2024, 9:30 a.m., Published: May 6, 2024, 5:08 p.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: xiaomi model: miui
vendor: google model: android

Cisco AppDynamics Network Visibility Service Denial of Service Vulnerability

Trust: 3.25

Fetched: May 17, 2024, 9:29 a.m., Published: May 15, 2024, 3:50 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs

D-Link Routers Vulnerable to Takeover Via Exploit for Zero-Day

Trust: 3.5

Fetched: May 17, 2024, 9:29 a.m., Published: May 5, 2024, midnight
 Vulnerabilities: command execution, authentication bypass, command injection
Affected productsExternal IDs
vendor: d-link model: router

Android smartphones at risk of ‘Dirty Stream’ attack via Google Play Store apps- Report | Tech News

Trust: 3.5

Fetched: May 17, 2024, 9:27 a.m., Published: May 6, 2024, 4:15 a.m.
 Vulnerabilities: code execution, path traversal
Affected productsExternal IDs
vendor: samsung model: galaxy
vendor: samsung model: samsung galaxy
vendor: google model: android

New Android security flaw lets hackers seize control of apps - how to stay safe | Tom's Guide

Trust: 3.75

Fetched: May 17, 2024, 9:27 a.m., Published: May 5, 2024, 3:29 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: android

Top IoT platform vulnerabilities put 100+ million devices at risk - security cameras and baby monitors under threat | TechRadar

Trust: 5.0

Fetched: May 17, 2024, 9:27 a.m., Published: May 15, 2024, 1 p.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: roku model: roku
db: NVD ids: CVE-2023-6322, CVE-2023-6324, CVE-2023-6323, CVE-2023-6321

iOS 17.5 Kernel Vulnerability For Jailbreak Released - iDevice Central

Trust: 3.5

Fetched: May 17, 2024, 9:26 a.m., Published: May 14, 2024, 9:40 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: safari
vendor: apple model: webkit
db: NVD ids: CVE-2024-27804, CVE-2024-27818