VARIoT latest news about IoT security

Security Advisory \| Rockwell Automation \| US Related entries in the VARIoT vulnerabilities database: VAR-202410-1035 Trust: 3.0 Fetched: Oct. 9, 2024, 9:51 a.m., Published: May 16, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-9124

Ivanti Patches CSA Appliance Against Vulnerabilities, Including Actively Exploited Flaws Trust: 4.0 Fetched: Oct. 9, 2024, 9:50 a.m., Published: Oct. 8, 2024, 2:53 p.m.	Vulnerabilities: code execution, sql injection, os command injection...

Affected products

External IDs

db:

NVD

ids:

CVE-2024-8963, CVE-2024-9379, CVE-2024-9381, CVE-2024-9380

Microsoft repairs 2 zero-days on October Patch Tuesday \| TechTarget Trust: 4.75 Fetched: Oct. 9, 2024, 9:49 a.m., Published: Oct. 8, 2024, midnight	Vulnerabilities: code execution, security feature bypass, feature bypass

Affected products

External IDs

db:

NVD

ids:

CVE-2024-43573, CVE-2024-20659, CVE-2024-43583, CVE-2024-43572, CVE-2024-43468, CVE-2024-6197

Akamai finds many systems with exposed CUPS vulnerability [LWN.net] Trust: 3.0 Fetched: Oct. 9, 2024, 9:49 a.m., Published: Oct. 5, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

cups

model:

cups

Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution Trust: 5.25 Fetched: Oct. 9, 2024, 9:43 a.m., Published: Oct. 7, 2024, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:

google

model:

android

Qualcomm issues response to possible spyware exploit within devices Trust: 5.0 Fetched: Oct. 9, 2024, 9:43 a.m., Published: Oct. 9, 2024, 5:32 a.m.	Vulnerabilities: input validation issue, memory corruption

Affected products

External IDs

db:

NVD

ids:

CVE-2024-43047, CVE-2024-33066

Microsoft’s October 2024 Patch Tuesday Addresses 117 CVEs (CVE-2024-43572, CVE-2024-43573) - Blog \| Tenable® Trust: 3.75 Fetched: Oct. 9, 2024, 9:42 a.m., Published: Oct. 8, 2024, 6:01 p.m.	Vulnerabilities: denial of service, code execution, security feature bypass...

Affected products

External IDs

db:

NVD

ids:

CVE-2024-38261, CVE-2024-43583, CVE-2024-38124, CVE-2024-43589, CVE-2024-43592, CVE-2024-43593, CVE-2024-43573, CVE-2024-43611, CVE-2024-43599, CVE-2024-43572, CVE-2024-30040, CVE-2024-43468, CVE-2024-38265, CVE-2024-38212, CVE-2024-43549, CVE-2024-43453, CVE-2024-43461, CVE-2024-43564, CVE-2024-20659, CVE-2024-38259, CVE-2024-43608, CVE-2024-43533, CVE-2024-43607, CVE-2024-38112

Microsoft’s October 2024 Patch Tuesday Addresses Five Zero-days and 118 Vulnerabilities - VULNERA Trust: 5.0 Fetched: Oct. 9, 2024, 9:40 a.m., Published: Oct. 8, 2024, 6:16 p.m.	Vulnerabilities: code execution, security feature bypass, feature bypass

Affected products

External IDs

db:

NVD

ids:

CVE-2024-43573, CVE-2024-20659, CVE-2024-43583, CVE-2024-43572, CVE-2024-6197

Microsoft Targets 118 Vulnerabilities in October Patch Rollout -- Redmondmag.com Trust: 5.0 Fetched: Oct. 9, 2024, 9:40 a.m., Published: -	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2024-43573, CVE-2024-20659, CVE-2024-43583, CVE-2024-43572, CVE-2024-43488, CVE-2024-43468, CVE-2024-6197, CVE-2024-43582

CVE-2024-30078 Remote Code Execution Vulnerability Analysis and Exploitation - CYFIRMA Trust: 5.75 Fetched: Oct. 9, 2024, 9:39 a.m., Published: Aug. 22, 2024, midnight	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2024-30078

Qualcomm urges OEMs to patch after 'targeted' exploitation • The Register Trust: 4.75 Fetched: Oct. 9, 2024, 9:38 a.m., Published: -	Vulnerabilities: input validation issue, memory corruption

Affected products

External IDs

db:

NVD

ids:

CVE-2024-43047, CVE-2024-33066, CVE-2024-33065, CVE-2024-23369

The URL you requested has been blocked Trust: 3.5 Fetched: Oct. 9, 2024, 9:37 a.m., Published: Oct. 4, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-8190

Security bulletins and fixes Trust: 5.25 Fetched: Oct. 9, 2024, 9:36 a.m., Published: July 28, 2024, midnight	Vulnerabilities: code execution, privilege escalation, memory leak...

Affected products

External IDs

vendor:	cups	model:	cups
vendor:	mesh	model:	mesh

db:

NVD

ids:

CVE-2021-47311, CVE-2023-52813, CVE-2023-52781, CVE-2024-35845, CVE-2023-52464, CVE-2023-5090, CVE-2020-26555, CVE-2021-47069, CVE-2024-35235, CVE-2024-35854, CVE-2024-36007, CVE-2024-24762, CVE-2021-47073, CVE-2024-39936, CVE-2024-6409, CVE-2024-26859, CVE-2024-26801, CVE-2023-52835, CVE-2024-26907, CVE-2024-35838, CVE-2024-32021, CVE-2024-35959, CVE-2021-47356, CVE-2021-47236, CVE-2021-46972, CVE-2024-26656, CVE-2024-35960, CVE-2024-36114, CVE-2024-26584, CVE-2023-52700, CVE-2024-35888, CVE-2024-35958, CVE-2024-32004, CVE-2024-26906, CVE-2023-52881, CVE-2021-47456, CVE-2024-26982, CVE-2024-35890, CVE-2024-26804, CVE-2024-26735, CVE-2024-26826, CVE-2024-35835, CVE-2023-52669, CVE-2023-52878, CVE-2024-32020, CVE-2024-26583, CVE-2023-52615, CVE-2023-52626, CVE-2024-32002, CVE-2024-35789, CVE-2023-52703, CVE-2023-25613, CVE-2024-26759, CVE-2024-32465, CVE-2023-52560, CVE-2024-35855, CVE-2023-52667, CVE-2024-26974, CVE-2021-46909, CVE-2024-6387, CVE-2021-47310, CVE-2023-52675, CVE-2024-35853, CVE-2023-52877, CVE-2024-27410, CVE-2024-26585, CVE-2023-52686, CVE-2021-47495, CVE-2024-35852, CVE-2024-27397, CVE-2021-47353, CVE-2024-36004, CVE-2024-26675, CVE-2024-26130

CVE-2024-34618: Samsung Mobile Device Vulnerability and Mitigation Trust: 4.75 Fetched: Oct. 9, 2024, 9:35 a.m., Published: Aug. 9, 2024, midnight	Vulnerabilities: improper access control

Affected products

External IDs

vendor:	samsung	model:	mobile
vendor:	samsung	model:	samsung mobile
vendor:	samsung	model:	mobile devices
vendor:	samsung	model:	samsung

db:

NVD

ids:

CVE-2024-34618

Qualcomm Vulnerability (CVE-2024-43047) Explained Trust: 5.75 Fetched: Oct. 9, 2024, 9:34 a.m., Published: Oct. 8, 2024, 6:29 a.m.	Vulnerabilities: memory corruption

Affected products

External IDs

vendor:

trend

model:

security

db:

NVD

ids:

CVE-2024-43047

Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability Trust: 5.0 Fetched: Oct. 9, 2024, 9:28 a.m., Published: Sept. 14, 2024, 4:12 a.m.	Vulnerabilities: os command injection, code execution, command injection

Affected products

External IDs

db:

NVD

ids:

CVE-2024-8190, CVE-2024-29847

Navigating the Threat Landscape of IoT: An Analysis of Attacks \| SpringerLink Trust: 4.0 Fetched: Oct. 9, 2024, 9:26 a.m., Published: Oct. 9, 2024, midnight	Vulnerabilities: cross-site scripting, data injection, sql injection...

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	home
vendor:	axis	model:	communications
vendor:	axis	model:	axis
vendor:	cisco	model:	wireless access point
vendor:	axis communications	model:	communications
vendor:	axis communications	model:	axis

Cisco Nexus Dashboard Fabric Controller Arbitrary Command Execution Vulnerability - Cisco Trust: 3.75 Fetched: Oct. 9, 2024, 9:26 a.m., Published: Oct. 2, 2024, 11:15 a.m.	Vulnerabilities: command execution, arbitrary command execution

Affected products

External IDs

vendor:

cisco

model:

nexus

Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability Trust: 4.0 Fetched: Oct. 9, 2024, 9:24 a.m., Published: Oct. 5, 2024, 4:50 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	ipad
vendor:	apple	model:	iphone
vendor:	apple	model:	safari
vendor:	apple	model:	macos
vendor:	apple	model:	ipad air

db:

NVD

ids:

CVE-2024-44204, CVE-2024-44207

The Rise Of IoT Vulnerabilities: Keeping Your Smart Home Secure - ITU Online Trust: 3.25 Fetched: Oct. 9, 2024, 9:23 a.m., Published: Oct. 1, 2024, 6:42 p.m.	Vulnerabilities: -

Affected products	External IDs

VARIoT news about IoT security