Sign-up

VARIoT news about IoT security

Vulnerability impacting Check Point Network Security Gateways (CVE-2024-24919) - Canadian Centre for Cyber Security

Trust: 3.75

Fetched: Aug. 4, 2024, 9:37 a.m., Published: May 31, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: check point model: check point
db: NVD ids: CVE-2024-24919

Android Security Bulletin-June 2024 | Android Open Source Project

Trust: 4.5

Fetched: Aug. 4, 2024, 9:36 a.m., Published: June 4, 2024, midnight
 Vulnerabilities: information disclosure, denial of service, code execution
Affected productsExternal IDs
vendor: huawei model: huawei
vendor: google model: android
vendor: google model: pixel
vendor: motorola model: motorola
vendor: motorola model: android
vendor: samsung model: notes
vendor: samsung model: note
db: NVD ids: CVE-2024-31328, CVE-2024-31329, CVE-2024-31330

IoT | Free Full-Text | Investigating Radio Frequency Vulnerabilities in the Internet of Things (IoT)

Trust: 4.0

Fetched: Aug. 4, 2024, 9:34 a.m., Published: June 4, 2024, midnight
 Vulnerabilities: denial of service, replay attack, authentication attack
Affected productsExternal IDs
vendor: mesh model: mesh
vendor: essential model: phone
vendor: belkin model: router

Baxter Welch Allyn Connex Spot Monitor Vulnerability CVE-2024-1275 - NHS England Digital

Trust: 3.0

Fetched: Aug. 4, 2024, 9:33 a.m., Published: Aug. 4, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-1275

Who Ya’ Gonna Call? Why IoT Companies Should Embrace Vulnerability Disclosure Programs - Innovation at Consumer Reports

Trust: 3.25

Fetched: Aug. 4, 2024, 9:33 a.m., Published: July 29, 2024, 4:05 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: note
vendor: chamberlain model: chamberlain myq garage
vendor: chamberlain model: myq garage
vendor: sengled model: boost
vendor: roku model: roku
vendor: google model: home

Top 10 VPN Vulnerabilities (2022 - H1 2024) - SOCRadar® Cyber Intelligence Inc.

Related entries in the VARIoT vulnerabilities database: VAR-202302-0119, VAR-202212-1132, VAR-202304-2073

Trust: 5.25

Fetched: Aug. 4, 2024, 9:31 a.m., Published: June 21, 2024, 11:55 a.m.
 Vulnerabilities: information disclosure, denial of service, code execution...
Affected productsExternal IDs
vendor: citrix model: gateway
vendor: check point model: check point
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: ssl vpn
vendor: palo alto networks model: networks
vendor: palo alto networks model: firewall
vendor: fortigate model: fortios
vendor: palo model: pan-os
vendor: palo model: ssl vpn
vendor: palo model: networks
vendor: palo model: firewall
vendor: trend model: security
vendor: zyxel model: zywall
vendor: cisco model: spark
vendor: cisco model: router
vendor: cisco model: information server
vendor: cisco model: rv345p
vendor: cisco model: rv340
vendor: cisco model: rv340w
vendor: cisco model: routers
vendor: cisco model: access points
vendor: cisco model: rv345
db: NVD ids: CVE-2023-46850, CVE-2023-20073, CVE-2022-42475, CVE-2024-24919, CVE-2023-28771, CVE-2024-21887, CVE-2024-21762, CVE-2024-3400, CVE-2023-46805, CVE-2022-43931, CVE-2023-21887, CVE-2023-46849, CVE-2023-27997

Fleet | Discovering xz vulnerability with Fleet

Trust: 4.0

Fetched: Aug. 4, 2024, 9:30 a.m., Published: May 6, 2000, midnight
 Vulnerabilities: script execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-3094

Exploit Attacks of the D-Link NAS CVE-2024-3273 Vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-202404-0070

Trust: 5.75

Fetched: Aug. 4, 2024, 9:30 a.m., Published: Aug. 4, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: d-link model: router
db: NVD ids: CVE-2024-3273

Cisco Secure Web Appliance Privilege Escalation Vulnerability

Trust: 3.0

Fetched: Aug. 4, 2024, 9:29 a.m., Published: July 17, 2024, 4 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs

Notes on ThroughTek Kalay Vulnerabilities and Their Impact on the IoT Ecosystem

Trust: 4.5

Fetched: Aug. 4, 2024, 9:29 a.m., Published: May 22, 2024, 10:39 p.m.
 Vulnerabilities: buffer overflow, code execution, command execution
Affected productsExternal IDs
vendor: roku model: roku
db: NVD ids: CVE-2023-6324, CVE-2023-6321, CVE-2023-6323, CVE-2023-6322

Microsoft warns of elevated risk in Rockwell Automation PanelView Plus CVEs | Cybersecurity Dive

Related entries in the VARIoT vulnerabilities database: VAR-202310-1699, VAR-202309-2171

Trust: 5.25

Fetched: Aug. 4, 2024, 9:28 a.m., Published: July 3, 2024, midnight
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
vendor: rockwell automation model: automation panelview
vendor: rockwell automation model: factorytalk
vendor: rockwell automation model: automation panelview plus
vendor: rockwell model: automation panelview
vendor: rockwell model: factorytalk
vendor: rockwell model: automation panelview plus
db: NVD ids: CVE-2023-29464, CVE-2023-2071

Cybersecurity - Siemens Healthineers USA

Trust: 3.5

Fetched: Aug. 4, 2024, 9:27 a.m., Published: Aug. 30, 2024, midnight
 Vulnerabilities: request forgery, cross-site request forgery
Affected productsExternal IDs

Attacking Android Binder: Analysis and Exploitation of CVE-2023-20938 - Android Offensive Security Blog

Related entries in the VARIoT vulnerabilities database: VAR-201910-0902

Trust: 3.5

Fetched: Aug. 4, 2024, 9:26 a.m., Published: Aug. 4, 2024, midnight
 Vulnerabilities: privilege escalation, improper cleanup
Affected productsExternal IDs
db: NVD ids: CVE-2020-004, CVE-2020-0041, CVE-2023-21255, CVE-2020-0423, CVE-2023-20938, CVE-2019-2215, CVE-2022-20421

BIG-IP Next Central Manager vulnerability CVE-2024-33612

Trust: 4.0

Fetched: Aug. 4, 2024, 9:25 a.m., Published: -
 Vulnerabilities: certificate validation vulnerability
Affected productsExternal IDs
db: NVD ids: CVE-2024-33612

Network Vulnerability Scanner - ManageEngine Network Configuration Manager

Trust: 3.25

Fetched: Aug. 4, 2024, 9:25 a.m., Published: May 4, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: manageengine model: network configuration manager

Notes on ThroughTek Kalay Vulnerabilities and Their Impact on the IoT Ecosystem

Trust: 4.5

Fetched: Aug. 4, 2024, 9:18 a.m., Published: Aug. 3, 2024, midnight
 Vulnerabilities: buffer overflow, code execution, command execution
Affected productsExternal IDs
vendor: roku model: roku
db: NVD ids: CVE-2023-6324, CVE-2023-6321, CVE-2023-6323, CVE-2023-6322

WARNING: CRITICAL VULNERABILITY IN JUNIPER NETWORKS SESSION SMART ROUTER, SESSION SMART CONDUCTOR AND WAN ASSURANCE ROUTERS CAN BE EXPLOITED TO EXECUTE CODE. PATCH IMMEDIATELY! | Cert

Trust: 5.0

Fetched: Aug. 4, 2024, 9:16 a.m., Published: June 28, 2024, 2:48 p.m.
 Vulnerabilities: code execution, authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2024-2973

Null Pointer Dereference Vulnerability in LibOSDP

Trust: 3.5

Fetched: Aug. 4, 2024, 9:15 a.m., Published: Aug. 3, 2024, midnight
 Vulnerabilities: denial of service, pointer dereference vulnerability
Affected productsExternal IDs

WARNING: CRITICAL VULNERABILITY IN JUNIPER NETWORKS SESSION SMART ROUTER, SESSION SMART CONDUCTOR AND WAN ASSURANCE ROUTERS CAN BE EXPLOITED TO EXECUTE CODE. PATCH IMMEDIATELY! | Cert

Trust: 5.0

Fetched: Aug. 4, 2024, 9:15 a.m., Published: June 28, 2024, 2:47 p.m.
 Vulnerabilities: code execution, authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2024-2973

Re: Vulnerability within photoshop - Adobe Community - 14681733

Trust: 3.0

Fetched: Aug. 4, 2024, 9:14 a.m., Published: June 18, 2024, 8:52 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: artifex model: gpl ghostscript