VARIoT latest news about IoT security

Vulnerabilities in BIG-IP Next Central Manager Trust: 4.75 Fetched: May 22, 2024, 11:50 a.m., Published: May 21, 2024, 4:56 p.m.	Vulnerabilities: request forgery, brute force attack, command execution...

Affected products

External IDs

db:

NVD

ids:

CVE-2024-26026, CVE-2024-21793

CVE-2021-47472 net: mdiobus: Fix memory leak in __mdiobus_re... - vulnerability database \| Vulners.com Trust: 4.0 Fetched: May 22, 2024, 11:50 a.m., Published: May 22, 2024, 6:23 a.m.	Vulnerabilities: memory leak

Affected products

External IDs

db:

NVD

ids:

CVE-2021-47472

CVE-2023-52784 bonding: stop the device in bond_setup_by_sla... - vulnerability database \| Vulners.com Trust: 3.0 Fetched: May 22, 2024, 11:49 a.m., Published: May 21, 2024, 3:31 p.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2023-52784

CyberPower Power Device Network Utility Missing Authenticati... - vulnerability database \| Vulners.com Trust: 3.25 Fetched: May 22, 2024, 11:49 a.m., Published: May 17, 2024, midnight	Vulnerabilities: authentication vulnerability

Affected products	External IDs

Delta Electronics InfraSuite Device Master - vulnerability database \| Vulners.com Trust: 4.75 Fetched: May 22, 2024, 11:49 a.m., Published: May 9, 2024, noon	Vulnerabilities: code execution

Affected products

External IDs

vendor:	trend micro	model:	security
vendor:	trend	model:	security

db:

NVD

ids:

CVE-2023-46604

Millions Of IoT Devices Vulnerable To Attacks Leads To Full Takeover Trust: 4.75 Fetched: May 22, 2024, 11:48 a.m., Published: May 16, 2024, 4:29 p.m.	Vulnerabilities: buffer overflow, code execution

Affected products

External IDs

vendor:

roku

model:

roku

db:

NVD

ids:

CVE-2023-6324, CVE-2023-6322, CVE-2023-6323, CVE-2023-6321

Vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-202108-1856, VAR-202005-0222, VAR-202005-0223, VAR-202005-0473, VAR-202006-0946 Trust: 5.5 Fetched: May 22, 2024, 11:38 a.m., Published: May 1, 2024, midnight	Vulnerabilities: integer overflow, denial of service, application crash...

Affected products

External IDs

vendor:

node.js

model:

node.js

db:

NVD

ids:

CVE-2022-46908, CVE-2021-36690, CVE-2021-45346, CVE-2021-20223, CVE-2020-13630, CVE-2020-13632, CVE-2022-24854, CVE-2019-19923, CVE-2020-13631, CVE-2020-9327, CVE-2021-42169, CVE-2022-21227, CVE-2023-32697, CVE-2019-19926, CVE-2020-13434, CVE-2020-6405, CVE-2020-11656, CVE-2019-19646, CVE-2019-19925, CVE-2023-39939, CVE-2021-23404, CVE-2023-39543, CVE-2022-38627, CVE-2020-13871, CVE-2019-19959, CVE-2019-19924, CVE-2022-35737, CVE-2020-13435, CVE-2020-15358, CVE-2023-7104, CVE-2024-0232, CVE-2020-11655, CVE-2021-28305, CVE-2019-20218, CVE-2019-19317, CVE-2021-20227

Zyxel security advisory for buffer overflow vulnerabilities in some 5G NR/4G LTE CPE, ... - Zyxel Community Trust: 4.5 Fetched: May 22, 2024, 11:37 a.m., Published: May 21, 2024, midnight	Vulnerabilities: denial of service, buffer overflow

Affected products

External IDs

db:

NVD

ids:

CVE-2024-0816, CVE-2023-37929

Google Android July 2021 Security Patch Vulnerabilities: Discover and Take Remote Response Action Using VMDR for Mobile Devices \| Qualys Security Blog Related entries in the VARIoT vulnerabilities database: VAR-202107-0545, VAR-202107-0541, VAR-202107-0543, VAR-202107-0544, VAR-202107-0026 Trust: 4.25 Fetched: May 22, 2024, 11:36 a.m., Published: July 13, 2021, 9:04 p.m.	Vulnerabilities: information disclosure, buffer overflow, code execution

Affected products

External IDs

vendor:	samsung	model:	mobile devices
vendor:	samsung	model:	mobile
vendor:	huawei	model:	huawei
vendor:	google	model:	android
vendor:	google	model:	pixel

db:

NVD

ids:

CVE-2021-0587, CVE-2021-1888, CVE-2021-1886, CVE-2021-1890, CVE-2021-0592, CVE-2021-1889, CVE-2020-11307, CVE-2021-1965

CWE - Vulnerability Type Distributions in CVE Trust: 3.25 Fetched: May 22, 2024, 11:27 a.m., Published: May 25, 2024, midnight	Vulnerabilities: request forgery, remote file inclusion, format string vulnerability...

Affected products

External IDs

vendor:	mandriva	model:	linux
vendor:	trend	model:	security
vendor:	netbsd	model:	netbsd
vendor:	netbsd	model:	beta
vendor:	netbsd	model:	current

OWASP Mobile Top 10 Vulnerabilities and How to Prevent Them Trust: 3.5 Fetched: May 22, 2024, 11:26 a.m., Published: July 6, 2022, 10:28 a.m.	Vulnerabilities: default credentials, buffer overflow, code execution

Affected products	External IDs

Electronics \| Free Full-Text \| Cybersecurity Threats, Countermeasures and Mitigation Techniques on the IoT: Future Research Directions Trust: 3.5 Fetched: May 22, 2024, 11:24 a.m., Published: Jan. 22, 2022, midnight	Vulnerabilities: code injection

Affected products	External IDs

Managing Device Loss: Safeguarding Data and Security \| 2023 Trust: 3.5 Fetched: May 22, 2024, 11:24 a.m., Published: Nov. 1, 2023, 4 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	samsung	model:	mobile devices
vendor:	samsung	model:	mobile

Smart Yet Flawed: IoT Device Vulnerabilities Explained - Security News - Trend Micro SG Related entries in the VARIoT vulnerabilities database: VAR-202003-1707 Trust: 4.25 Fetched: May 22, 2024, 11:23 a.m., Published: -	Vulnerabilities: denial of service, default credentials

Affected products

External IDs

vendor:	sonos	model:	sonos
vendor:	trend micro	model:	internet security
vendor:	trend micro	model:	security
vendor:	trend micro	model:	home network security
vendor:	trend	model:	internet security
vendor:	trend	model:	security
vendor:	trend	model:	home network security

db:

NVD

ids:

CVE-2020-9054

Vulnerability Summary for the Week of March 22, 2021 \| CISA Related entries in the VARIoT vulnerabilities database: VAR-202103-0538, VAR-202103-0912, VAR-202103-1332, VAR-202103-1321, VAR-202103-0234, VAR-202103-0550, VAR-202103-0468, VAR-202103-0536, VAR-202103-0542, VAR-202103-0777, VAR-202103-0773, VAR-202103-0916, VAR-202103-0766, VAR-202103-0764, VAR-202103-0774, VAR-202103-0548, VAR-202103-0543, VAR-202103-0539, VAR-202103-0915, VAR-202103-0433, VAR-202103-0531, VAR-202103-0775, VAR-202103-0545, VAR-202103-0765, VAR-202103-1327, VAR-202103-0549, VAR-202103-0534, VAR-202103-0767, VAR-202103-0914, VAR-202103-0470, VAR-202103-0769, VAR-202103-0772, VAR-202103-0547, VAR-202103-0383, VAR-202103-0650, VAR-202103-0532, VAR-202103-0763, VAR-202103-0776, VAR-202103-0529, VAR-202103-1464, VAR-202103-0541, VAR-202103-1463, VAR-202103-0544, VAR-202103-0778, VAR-202103-0913, VAR-202103-0465, VAR-202103-0779, VAR-202103-0768, VAR-202103-0287, VAR-202103-0540, VAR-202103-0457, VAR-202103-0911, VAR-202103-0530, VAR-202103-0546, VAR-202103-0467, VAR-202103-0535, VAR-202103-0537, VAR-202103-0533, VAR-202103-0479 Trust: 6.25 Fetched: May 22, 2024, 11:20 a.m., Published: March 22, 2021, midnight	Vulnerabilities: application crash, kernel panic, request forgery...

Affected products

External IDs

vendor:	tibco software	model:	enterprise message service
vendor:	tibco software	model:	tibco enterprise message service
vendor:	tibco software	model:	tibco rendezvous
vendor:	tibco software	model:	rendezvous
vendor:	tibco	model:	enterprise message service
vendor:	tibco	model:	tibco enterprise message service
vendor:	tibco	model:	tibco rendezvous
vendor:	tibco	model:	rendezvous
vendor:	cisco	model:	iox application framework
vendor:	cisco	model:	cisco iox
vendor:	cisco	model:	aironet series access points
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	ios xe sd-wan software
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	series
vendor:	cisco	model:	1100
vendor:	cisco	model:	ios software
vendor:	cisco	model:	industrial integrated services routers
vendor:	cisco	model:	industrial isrs
vendor:	cisco	model:	router
vendor:	cisco	model:	network convergence system
vendor:	cisco	model:	cisco ic3000 industrial compute gateway
vendor:	cisco	model:	cisco aironet series access points
vendor:	cisco	model:	cisco iox application
vendor:	cisco	model:	catalyst 4500
vendor:	cisco	model:	series switches
vendor:	cisco	model:	sd-wan
vendor:	cisco	model:	integrated services routers
vendor:	cisco	model:	aironet access points
vendor:	cisco	model:	cgr 1000
vendor:	cisco	model:	catalyst
vendor:	cisco	model:	aironet_access_points
vendor:	cisco	model:	aironet
vendor:	cisco	model:	cisco catalyst 4500 series
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	access points
vendor:	cisco	model:	wireless controller
vendor:	cisco	model:	ic3000
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	routers
vendor:	cisco	model:	jabber
vendor:	cisco	model:	iox application
vendor:	cisco	model:	cisco jabber
vendor:	cisco	model:	series routers
vendor:	cisco	model:	aironet series
vendor:	cisco	model:	catalyst 4500 series
vendor:	cisco	model:	809 industrial integrated services routers
vendor:	cisco	model:	ic3000 industrial compute gateway
vendor:	mulesoft	model:	mule runtime
vendor:	google	model:	wifi
vendor:	google	model:	android
vendor:	tp-link	model:	gateway
vendor:	tp-link	model:	routers
vendor:	tableau	model:	tableau server
vendor:	tableau	model:	server
vendor:	ansible	model:	ansible
vendor:	samsung	model:	notes
vendor:	samsung	model:	note
vendor:	samsung	model:	printers
vendor:	samsung	model:	mobile
vendor:	samsung	model:	samsung notes
vendor:	samsung	model:	galaxy
vendor:	rpath	model:	linux
vendor:	rockwell	model:	micrologix
vendor:	rockwell	model:	automation micrologix
vendor:	rockwell	model:	micrologix 1400
vendor:	nokia	model:	series
vendor:	nokia	model:	impact
vendor:	rockwell automation	model:	micrologix
vendor:	rockwell automation	model:	automation micrologix
vendor:	rockwell automation	model:	micrologix 1400
vendor:	askey	model:	fiber router rtf3505vw-n1
vendor:	askey	model:	askey fiber router rtf3505vw-n1
vendor:	rockwell_automation	model:	micrologix
vendor:	rockwell_automation	model:	automation micrologix
vendor:	rockwell_automation	model:	micrologix 1400

db:

NVD

ids:

CVE-2021-1394, CVE-2020-7467, CVE-2021-1452, CVE-2021-27440, CVE-2021-29266, CVE-2021-25372, CVE-2021-21373, CVE-2021-25354, CVE-2020-25581, CVE-2021-25355, CVE-2021-25371, CVE-2021-28250, CVE-2021-20284, CVE-2020-28695, CVE-2021-1391, CVE-2019-19350, CVE-2021-22506, CVE-2020-7464, CVE-2021-1626, CVE-2021-1281, CVE-2021-21389, CVE-2021-1417, CVE-2021-28823, CVE-2021-29093, CVE-2021-1627, CVE-2021-21385, CVE-2021-1382, CVE-2021-1441, CVE-2019-19354, CVE-2021-1435, CVE-2021-22886, CVE-2021-20289, CVE-2021-27454, CVE-2021-29255, CVE-2021-23890, CVE-2021-27194, CVE-2021-1469, CVE-2021-1454, CVE-2021-20677, CVE-2021-1436, CVE-2021-20683, CVE-2021-28247, CVE-2021-1375, CVE-2021-1383, CVE-2021-28117, CVE-2021-28249, CVE-2021-29094, CVE-2021-21374, CVE-2021-28820, CVE-2021-1398, CVE-2021-28248, CVE-2021-27452, CVE-2021-21411, CVE-2021-22194, CVE-2021-25352, CVE-2021-22659, CVE-2021-3027, CVE-2021-28821, CVE-2021-3392, CVE-2020-25580, CVE-2021-22184, CVE-2021-1431, CVE-2021-3409, CVE-2020-35518, CVE-2021-29265, CVE-2021-25351, CVE-2021-20193, CVE-2021-1629, CVE-2021-21401, CVE-2021-1437, CVE-2021-1385, CVE-2021-1460, CVE-2021-25367, CVE-2021-21403, CVE-2021-20285, CVE-2021-29156, CVE-2021-1376, CVE-2021-1403, CVE-2021-20271, CVE-2021-1471, CVE-2020-7461, CVE-2021-27962, CVE-2021-21332, CVE-2021-20681, CVE-2021-26715, CVE-2021-27450, CVE-2021-1352, CVE-2021-3109, CVE-2021-28824, CVE-2021-1449, CVE-2021-1434, CVE-2021-29249, CVE-2021-1374, CVE-2021-27193, CVE-2021-1220, CVE-2020-19625, CVE-2021-21396, CVE-2021-26596, CVE-2021-21333, CVE-2021-1432, CVE-2020-25578, CVE-2021-28818, CVE-2021-1453, CVE-2021-1439, CVE-2021-1418, CVE-2021-23888, CVE-2021-20213, CVE-2021-3449, CVE-2020-7468, CVE-2020-17380, CVE-2021-25366, CVE-2021-1381, CVE-2021-29271, CVE-2021-3450, CVE-2021-1384, CVE-2021-22172, CVE-2021-29096, CVE-2021-25350, CVE-2021-1442, CVE-2021-27448, CVE-2021-28246, CVE-2021-1356, CVE-2020-25582, CVE-2021-1628, CVE-2021-20679, CVE-2021-23889, CVE-2021-25349, CVE-2021-1451, CVE-2021-25353, CVE-2021-1371, CVE-2021-27192, CVE-2021-25368, CVE-2021-1443, CVE-2021-21372, CVE-2021-20682, CVE-2021-1446, CVE-2021-27195, CVE-2021-28822, CVE-2021-22180, CVE-2020-25579, CVE-2021-27372, CVE-2020-35508, CVE-2021-29272, CVE-2021-1377, CVE-2020-35856, CVE-2020-7463, CVE-2021-28956, CVE-2021-3275, CVE-2021-27438, CVE-2021-1423, CVE-2021-26597, CVE-2021-1390, CVE-2019-19349, CVE-2021-1373, CVE-2021-1411, CVE-2021-1392, CVE-2021-3443, CVE-2020-25840, CVE-2020-7462, CVE-2021-3467, CVE-2021-25369, CVE-2021-29264, CVE-2020-27829, CVE-2021-1433, CVE-2020-25085, CVE-2021-25370, CVE-2021-20206, CVE-2021-20197

IoT Security Vulnerabilities and Defensive Measures in Industry 4.0 \| SpringerLink Trust: 4.0 Fetched: May 22, 2024, 11:16 a.m., Published: May 22, 2023, midnight	Vulnerabilities: denial of service, sql injection, injection attack...

Affected products

External IDs

vendor:	cups	model:	cups
vendor:	google	model:	home
vendor:	google	model:	android
vendor:	google	model:	wifi

Common Wireless Network Security Threats \| Pluralsight Trust: 4.75 Fetched: May 22, 2024, 11:15 a.m., Published: Nov. 2, 2011, 10:36 a.m.	Vulnerabilities: denial of service

Affected products	External IDs

IoT device vulnerabilities are on the rise - EDN Trust: 3.75 Fetched: May 22, 2024, 11:12 a.m., Published: Jan. 27, 2020, 11:49 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	home
vendor:	google	model:	nexus
vendor:	google	model:	wifi
vendor:	google	model:	google home
vendor:	trend	model:	security

Vulnerability in Web Services on Devices (WSD) API \| MSRC Blog \| Microsoft Security Response Center Trust: 3.75 Fetched: May 22, 2024, 11:11 a.m., Published: -	Vulnerabilities: application crash, code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2009-2512

Applied Sciences \| Free Full-Text \| Vulnerabilities and Limitations of MQTT Protocol Used between IoT Devices Trust: 4.75 Fetched: May 22, 2024, 11:10 a.m., Published: Jan. 22, 2019, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

raspberry pi

model:

3

VARIoT news about IoT security