VARIoT latest news about IoT security

Google Patches New Android Kernel Vulnerability Exploited in the Wild Trust: 5.5 Fetched: Oct. 2, 2024, 11:21 a.m., Published: Aug. 6, 2024, 6:12 a.m.	Vulnerabilities: privilege escalation, information disclosure, code execution

Affected products

External IDs

vendor:	google	model:	pixel
vendor:	google	model:	android

db:

NVD

ids:

CVE-2024-29748, CVE-2024-32896, CVE-2018-0824, CVE-2024-36971, CVE-2024-29745

Vulnerabilities in TP-Link IoT Devices Can Get You Hacked Trust: 3.5 Fetched: Oct. 2, 2024, 11:21 a.m., Published: Aug. 22, 2023, 2:16 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	wifi
vendor:	google	model:	home

Showcase.apk Vulnerability on Pixel Devices: Security Risk Trust: 4.5 Fetched: Oct. 2, 2024, 11:18 a.m., Published: Aug. 16, 2024, 12:53 p.m.	Vulnerabilities: code injection, code execution

Affected products

External IDs

vendor:	essential	model:	phone
vendor:	google	model:	pixel
vendor:	google	model:	android

Security announcements \| Docker Docs Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-0562, VAR-202112-1782 Trust: 3.75 Fetched: Oct. 2, 2024, 11:18 a.m., Published: Sept. 13, 2024, 12:45 p.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2024-23652, CVE-2024-24557, CVE-2024-23651, CVE-2024-8696, CVE-2024-23653, CVE-2024-8695, CVE-2021-44228, CVE-2021-45046, CVE-2024-21626, CVE-2021-45105, CVE-2024-23650, CVE-2022-42889

IoT Devices - with greater connectivity comes greater vulnerabilities - IIoT World Trust: 3.75 Fetched: Oct. 2, 2024, 11:17 a.m., Published: Sept. 7, 2017, 9:51 a.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

cisco

model:

routers

12 Best Tenable Nessus Alternatives (Free and Paid) for 2024 Trust: 3.5 Fetched: Oct. 2, 2024, 11:16 a.m., Published: June 30, 2021, 3:33 p.m.	Vulnerabilities: sql injection, configuration vulnerability

Affected products	External IDs

CVE-2024-7581 - Tenda A301 Stack-Based Buffer Overflow Vulnerability Related entries in the VARIoT vulnerabilities database: VAR-202408-0167 Trust: 5.25 Fetched: Oct. 2, 2024, 11:14 a.m., Published: Aug. 7, 2024, 3:15 p.m.	Vulnerabilities: buffer overflow

Affected products

External IDs

db:

NVD

ids:

CVE-2024-7581

YubiKeys Vulnerability Let Attackers Clone Devices By Extracting Secret Key Trust: 3.75 Fetched: Oct. 2, 2024, 11:14 a.m., Published: Sept. 4, 2024, 11:19 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	yubico	model:	yubihsm 2
vendor:	yubico	model:	yubikey

Microsoft Uncovers Critical Flaws in Rockwell Automation PanelView Plus Related entries in the VARIoT vulnerabilities database: VAR-202309-2171, VAR-202310-1699 Trust: 5.5 Fetched: Oct. 2, 2024, 11:07 a.m., Published: July 4, 2024, 9:10 a.m.	Vulnerabilities: input validation vulnerability, information disclosure, code execution

Affected products

External IDs

vendor:	rockwell automation	model:	factorytalk linx
vendor:	rockwell automation	model:	automation panelview plus
vendor:	rockwell automation	model:	factorytalk view
vendor:	rockwell automation	model:	automation panelview
vendor:	rockwell automation	model:	factorytalk
vendor:	rockwell	model:	factorytalk linx
vendor:	rockwell	model:	automation panelview plus
vendor:	rockwell	model:	factorytalk view
vendor:	rockwell	model:	automation panelview
vendor:	rockwell	model:	factorytalk

db:

NVD

ids:

CVE-2023-2071, CVE-2024-23692, CVE-2023-29464

Remote Code Execution (RCE) Explained in Detail \| Splunk Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202104-0752 Trust: 4.75 Fetched: Oct. 2, 2024, 11:05 a.m., Published: Oct. 24, 2024, midnight	Vulnerabilities: buffer overflow, code execution, code injection...

Affected products

External IDs

db:

NVD

ids:

CVE-2021-44228, CVE-2019-8942, CVE-2021-1844, CVE-2020-17051

The latest on vulnerability research - The GitHub Blog Trust: 4.0 Fetched: Oct. 2, 2024, 11:04 a.m., Published: Sept. 26, 2024, midnight	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2023-6241

Secure Boot rendered useless, over 200 PC models from different makers are affected \| TechSpot Trust: 3.0 Fetched: Oct. 2, 2024, 11:02 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

Firmware Vulnerability in Poly Clariti Manager Devices (CVE-2024-41913) \| SecurityVulnerability.io - SecuirtyVulnerability.io Trust: 3.25 Fetched: Oct. 2, 2024, 11:02 a.m., Published: Aug. 6, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-41913

Best antivirus software 2024 for PC and Mac \| TechRadar Trust: 3.25 Fetched: Oct. 2, 2024, 11 a.m., Published: March 8, 2022, 2:58 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	avira	model:	antivirus
vendor:	trend	model:	micro internet security
vendor:	trend	model:	micro maximum security
vendor:	trend	model:	trend micro antivirus
vendor:	trend	model:	antivirus
vendor:	trend	model:	security
vendor:	trend	model:	password manager
vendor:	trend	model:	internet security
vendor:	apple	model:	iphone
vendor:	apple	model:	ipad
vendor:	apple	model:	watch
vendor:	apple	model:	macos
vendor:	trend micro	model:	micro internet security
vendor:	trend micro	model:	micro maximum security
vendor:	trend micro	model:	trend micro antivirus
vendor:	trend micro	model:	antivirus
vendor:	trend micro	model:	security
vendor:	trend micro	model:	password manager
vendor:	trend micro	model:	internet security
vendor:	avast	model:	anti-virus
vendor:	avast	model:	antivirus
vendor:	google	model:	home
vendor:	google	model:	google home
vendor:	google	model:	android

Mobile Security Threats in 2025: How to Protect Your Devices Trust: 4.0 Fetched: Oct. 2, 2024, 10:56 a.m., Published: Oct. 2, 2025, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

essential

model:

phone

CVE-2024-45032: Industrial Edge Device Token Impersonation Vulnerability - DEC Solutions Group Trust: 3.25 Fetched: Oct. 2, 2024, 10:55 a.m., Published: Sept. 10, 2024, 10:31 a.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-45032

Microsoft patches CVE-2024-38063 IPv6 RCE vulnerability • The Register Trust: 5.75 Fetched: Oct. 2, 2024, 10:55 a.m., Published: -	Vulnerabilities: cross-site scripting, information disclosure, feature bypass...

Affected products

External IDs

vendor:

ahnlab

model:

engine

db:

NVD

ids:

CVE-2024-38106, CVE-2024-38140, CVE-2024-38202, CVE-2024-38107, CVE-2024-38166, CVE-2024-21302, CVE-2024-38189, CVE-2024-38213, CVE-2024-38199, CVE-2024-38178, CVE-2024-38200, CVE-2024-38160, CVE-2024-38063, CVE-2024-38109, CVE-2024-38159, CVE-2024-41730, CVE-2024-38206, CVE-2024-38193

Network Vulnerabilities 101: Types and Prevention Methods \| Okta Trust: 3.0 Fetched: Oct. 2, 2024, 10:54 a.m., Published: -	Vulnerabilities: -

Affected products	External IDs

Samsung says August 2024 security patch is critical for its devices - SamMobile Trust: 3.0 Fetched: Oct. 2, 2024, 10:52 a.m., Published: July 19, 2024, 5:21 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

samsung

model:

samsung

CVE-2024-47527 - Exploits & Severity - Feedly Trust: 4.0 Fetched: Oct. 2, 2024, 10:49 a.m., Published: Oct. 1, 2024, midnight	Vulnerabilities: cross-site scripting

Affected products

External IDs

db:

NVD

ids:

CVE-2024-47527

VARIoT news about IoT security