Sign-up

VARIoT news about IoT security

High-risk security flaw found in iPhones and other Apple products: Is your device safe?

Trust: 3.75

Fetched: Sept. 24, 2024, 9:59 a.m., Published: Sept. 23, 2024, 5:32 a.m.
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs
vendor: apple model: watchos
vendor: apple model: tvos
vendor: apple model: iphone
vendor: apple model: macos
vendor: apple model: safari

Necro malware infects 11M+ Android devices via Google Play apps - SiliconANGLE

Trust: 3.0

Fetched: Sept. 24, 2024, 9:58 a.m., Published: Sept. 23, 2024, 10:45 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Networked “Smart” Chargers Pose a Bigger Security Risk Than Companies Realize - Safety - Automotive Fleet

Trust: 3.75

Fetched: Sept. 24, 2024, 9:58 a.m., Published: Sept. 23, 2024, midnight
 Vulnerabilities: default credentials
Affected productsExternal IDs
vendor: essential model: phone

The TechCrunch Cyber Glossary | TechCrunch

Trust: 4.5

Fetched: Sept. 24, 2024, 9:57 a.m., Published: Sept. 22, 2024, 12:30 p.m.
 Vulnerabilities: code execution, denial of service
Affected productsExternal IDs

SQL Injection Vulnerability (CVE-2024-5586) fixed in build 8121 | ManageEngine ADAudit Plus

Trust: 5.25

Fetched: Sept. 24, 2024, 9:57 a.m., Published: Sept. 24, 8121, midnight
 Vulnerabilities: sql injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-5586

Vulnerabilities in Cellular Packet Cores Part IV Authentication | Trend Micro (US)

Trust: 3.0

Fetched: Sept. 24, 2024, 9:55 a.m., Published: Sept. 18, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-20685

Uncovering IoT Vulnerabilities: Highlights from the Bitdefender - Netgear 2024 Threat Report

Trust: 3.0

Fetched: Sept. 24, 2024, 9:54 a.m., Published: Sept. 24, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs

Uncovering IoT Vulnerabilities: Highlights from the Bitdefender - Netgear 2024 Threat Report

Trust: 3.0

Fetched: Sept. 24, 2024, 9:54 a.m., Published: Sept. 24, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs

Bitdefender & Netgear report reveals major IoT vulnerabilities

Trust: 3.0

Fetched: Sept. 24, 2024, 9:54 a.m., Published: June 28, 2024, 3:25 a.m.
 Vulnerabilities: -
Affected productsExternal IDs

IoT Security: A Call to Action for Improved Vulnerability Disclosure

Trust: 4.5

Fetched: Sept. 24, 2024, 9:52 a.m., Published: Sept. 11, 2024, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: huawei model: huawei

Access Denied

Trust: 3.25

Fetched: Sept. 24, 2024, 9:46 a.m., Published: Sept. 30, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: iphone

CVE-2024-5849 Pepperl+Fuchs: Device Master ICDM-RX/* XSS vul... - vulnerability database | Vulners.com

Trust: 3.0

Fetched: Sept. 24, 2024, 9:44 a.m., Published: Aug. 13, 2024, 12:32 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-5849

Windows 10/11 devices are at serious risk due to a newly discovered vulnerability. Here's everything you need to know

Trust: 5.25

Fetched: Sept. 24, 2024, 9:43 a.m., Published: Aug. 13, 2024, 9:42 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2024-6768

A Cyber Risk Assessment Approach to Federated Identity Management Framework-Based Digital Healthcare System

Trust: 4.5

Fetched: Sept. 24, 2024, 9:39 a.m., Published: Jan. 24, 2024, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: google model: wifi

SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks

Related entries in the VARIoT vulnerabilities database: VAR-202409-1099, VAR-202409-0703

Trust: 5.75

Fetched: Sept. 24, 2024, 9:39 a.m., Published: Sept. 17, 2024, 4:34 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: trend model: security
vendor: trend micro model: security
db: NVD ids: CVE-2024-45697, CVE-2024-45695, CVE-2024-28991, CVE-2024-28990, CVE-2024-45694

FreeBSD -- bhyve(8) privileged guest escape via TPM device p... - vulnerability database | Vulners.com

Trust: 3.0

Fetched: Sept. 24, 2024, 9:37 a.m., Published: Sept. 4, 2024, midnight
 Vulnerabilities: buffer overflow, code execution
Affected productsExternal IDs

Critical Vulnerabilities Found in iOS and macOS After iPhone 16 Launch: Update Now! | Tech News - News9live

Trust: 3.5

Fetched: Sept. 24, 2024, 9:36 a.m., Published: Sept. 23, 2024, 7:26 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: google model: google chrome
vendor: google model: chrome
vendor: apple model: tvos
vendor: apple model: watchos
vendor: apple model: iphone
vendor: apple model: macos
vendor: apple model: watch
vendor: apple model: safari
vendor: apple model: software update

Showcase.apk Exploit PoC: Remote Code Execution Vulnerability on Google Pixel Devices - Exploit PoC

Trust: 4.25

Fetched: Sept. 24, 2024, 9:35 a.m., Published: Aug. 17, 2024, 3:27 a.m.
 Vulnerabilities: code execution, command execution
Affected productsExternal IDs
vendor: google model: android
vendor: google model: pixel

Zyxel Wi-Fi の脆弱性 CVE-2024-7261 (CVSS 9.8) が FIX:直ちにパッチ適用を! - IoT OT Security News

Trust: 3.25

Fetched: Sept. 24, 2024, 9:32 a.m., Published: Sept. 2, 2024, 8:36 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-7261, CVE-2024-29973

CVE-2024-46770 ice: Add netif_device_attach/detach into PF r... - vulnerability database | Vulners.com

Trust: 3.0

Fetched: Sept. 24, 2024, 9:29 a.m., Published: Sept. 18, 2024, 7:12 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-46770