VARIoT latest news about IoT security

Cisco CVE - OpenCVE Related entries in the VARIoT vulnerabilities database: VAR-200810-0010 Trust: 5.5 Fetched: Sept. 22, 2024, 9:34 a.m., Published: April 6, 2024, midnight	Vulnerabilities: cross-site scripting, command injection, improper validation...

Affected products

External IDs

vendor:	cisco	model:	nx-os 4.0
vendor:	cisco	model:	nx-os
vendor:	cisco	model:	catalyst 9800
vendor:	cisco	model:	cisco small business switches
vendor:	cisco	model:	identity services engine
vendor:	cisco	model:	ios xr
vendor:	cisco	model:	nexus 7000
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	telepresence multipoint switch
vendor:	cisco	model:	cisco identity services engine
vendor:	cisco	model:	sd-wan solution
vendor:	cisco	model:	small business switches
vendor:	cisco	model:	cisco nx-os
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	rv130w
vendor:	cisco	model:	telepresence
vendor:	cisco	model:	nexus 9000
vendor:	cisco	model:	catalyst
vendor:	cisco	model:	series wireless controllers
vendor:	cisco	model:	ios xr software
vendor:	cisco	model:	nx-os software
vendor:	cisco	model:	series
vendor:	cisco	model:	series switches
vendor:	cisco	model:	cisco telepresence recording server
vendor:	cisco	model:	wide area application services
vendor:	cisco	model:	cisco telepresence manager
vendor:	cisco	model:	telepresence manager
vendor:	cisco	model:	telepresence recording server
vendor:	cisco	model:	nexus 9000 series
vendor:	cisco	model:	link layer discovery protocol
vendor:	cisco	model:	cisco ucs director
vendor:	cisco	model:	sd-wan
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	rv130
vendor:	cisco	model:	rv110w
vendor:	cisco	model:	nexus 3000
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	anyconnect secure mobility client
vendor:	cisco	model:	routers
vendor:	cisco	model:	ios software
vendor:	cisco	model:	ucs director
vendor:	cisco	model:	cisco anyconnect secure mobility client
vendor:	cisco	model:	access points
vendor:	cisco	model:	cisco small business
vendor:	cisco	model:	virtual wide area application services
vendor:	cisco	model:	nexus 5000
vendor:	cisco	model:	arrowpoint
vendor:	cisco	model:	rv215w
vendor:	cisco	model:	cisco telepresence
vendor:	cisco	model:	telepresence immersive endpoint
vendor:	cisco	model:	nexus
vendor:	cisco	model:	cisco sd-wan
vendor:	cisco	model:	small business
vendor:	cisco	model:	cisco telepresence multipoint switch
vendor:	cisco	model:	cisco ios xr

db:

NVD

ids:

CVE-2008-4609

Uncovering IoT Vulnerabilities: Highlights from the Bitdefender - Netgear 2024 Threat Report Trust: 3.0 Fetched: Sept. 22, 2024, 9:33 a.m., Published: Sept. 22, 2024, midnight	Vulnerabilities: -

Affected products	External IDs

Uncovering IoT Vulnerabilities: Highlights from the Bitdefender - Netgear 2024 Threat Report Trust: 3.0 Fetched: Sept. 22, 2024, 9:33 a.m., Published: Sept. 22, 2024, midnight	Vulnerabilities: -

Affected products	External IDs

Racing round and round: The little bug that could Trust: 4.5 Fetched: Sept. 22, 2024, 9:31 a.m., Published: July 29, 2024, midnight	Vulnerabilities: privilege escalation, memory leak, memory corruption...

Affected products

External IDs

db:

NVD

ids:

CVE-2024-30089, CVE-2023-36802

Major Cisco security vulnerability gave hackers password access - Techerati Trust: 3.0 Fetched: Sept. 22, 2024, 9:31 a.m., Published: July 25, 2024, 10:59 a.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-20419, CVE-2024-20401

How to Perform a Pentest on IoT Devices Trust: 4.25 Fetched: Sept. 22, 2024, 9:30 a.m., Published: Sept. 3, 2024, midnight	Vulnerabilities: sql injection, cross-site scripting, privilege escalation...

Affected products

External IDs

vendor:

wireshark

model:

wireshark

SolarWinds patches actively exploited hardcoded credentials vulnerability Trust: 3.75 Fetched: Sept. 22, 2024, 9:29 a.m., Published: Aug. 22, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

solarwinds

model:

serv-u

db:

NVD

ids:

CVE-2024-28978, CVE-2024-28986, CVE-2024-28987

CVE-2024-7120 Vulnerability in RAISECOM Gateway Devices Exposes 25,000 Devices Trust: 5.0 Fetched: Sept. 22, 2024, 9:29 a.m., Published: Aug. 1, 2024, 2:58 a.m.	Vulnerabilities: command injection, code injection

Affected products

External IDs

db:

NVD

ids:

CVE-2024-7120

From Pwn2Own Automotive: A Stack-Based Buffer Overflow Vulnerability in JuiceBox 40 Smart EV Charging Station - VicOne Trust: 4.5 Fetched: Sept. 22, 2024, 9:28 a.m., Published: Sept. 22, 2040, midnight	Vulnerabilities: buffer overflow, code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2024-23938

IoT Security: A Call to Action for Improved Vulnerability Disclosure Trust: 4.5 Fetched: Sept. 22, 2024, 9:26 a.m., Published: Sept. 11, 2024, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

huawei

model:

huawei

Microsoft Windows Critical Vulnerability with CVE-2024-38063 Trust: 5.0 Fetched: Sept. 22, 2024, 9:26 a.m., Published: Aug. 16, 2024, 12:06 p.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2024-38063

IoT Security: A Call to Action for Improved Vulnerability Disclosure Trust: 4.5 Fetched: Sept. 22, 2024, 9:25 a.m., Published: Sept. 11, 2024, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

huawei

model:

huawei

IoT Security: A Call to Action for Improved Vulnerability Disclosure Trust: 4.5 Fetched: Sept. 22, 2024, 9:25 a.m., Published: Sept. 11, 2024, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

huawei

model:

huawei

IoT Security: A Call to Action for Improved Vulnerability Disclosure Trust: 4.5 Fetched: Sept. 22, 2024, 9:24 a.m., Published: Sept. 11, 2024, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

huawei

model:

huawei

IoT Security: A Call to Action for Improved Vulnerability Disclosure Trust: 4.5 Fetched: Sept. 22, 2024, 9:23 a.m., Published: Sept. 11, 2024, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

huawei

model:

huawei

Raptor Train Botnet Infects 260,000 Devices Globally Trust: 4.75 Fetched: Sept. 20, 2024, 10:03 a.m., Published: -	Vulnerabilities: command execution

Affected products

External IDs

vendor:	asus	model:	routers
vendor:	asus	model:	asus
vendor:	tp-link	model:	routers
vendor:	hikvision	model:	ip cameras
vendor:	hikvision	model:	hikvision
vendor:	draytek	model:	routers

Raptor Train Botnet Infects 260,000 Devices Globally Trust: 4.75 Fetched: Sept. 20, 2024, 10:02 a.m., Published: -	Vulnerabilities: command execution

Affected products

External IDs

vendor:	asus	model:	routers
vendor:	asus	model:	asus
vendor:	tp-link	model:	routers
vendor:	hikvision	model:	ip cameras
vendor:	hikvision	model:	hikvision
vendor:	draytek	model:	routers

High-risk vulnerabilities in common enterprise technologies \| Rapid7 Blog Trust: 4.5 Fetched: Sept. 20, 2024, 9:59 a.m., Published: Sept. 19, 2024, 8:45 p.m.	Vulnerabilities: code execution, privilege escalation

Affected products

External IDs

db:

NVD

ids:

CVE-2024-41874, CVE-2024-38813, CVE-2024-38812, CVE-2024-29847, CVE-2024-28812

U.S. CISA adds new Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog Trust: 3.75 Fetched: Sept. 20, 2024, 9:59 a.m., Published: Sept. 20, 2024, 7:09 a.m.	Vulnerabilities: command injection, path traversal, os command injection

Affected products

External IDs

db:

NVD

ids:

CVE-2024-8963, CVE-2024-8190

Vulnerabilities in Cellular Packet Cores Part IV Authentication \| Trend Micro (FI) Trust: 3.0 Fetched: Sept. 20, 2024, 9:56 a.m., Published: Sept. 18, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-20685

VARIoT news about IoT security