Sign-up

VARIoT news about IoT security

WARNING: CRITICAL VULNERABILITY IN JUNIPER NETWORKS SESSION SMART ROUTER, SESSION SMART CONDUCTOR AND WAN ASSURANCE ROUTERS CAN BE EXPLOITED TO EXECUTE CODE. PATCH IMMEDIATELY! | Cert

Trust: 5.0

Fetched: Aug. 4, 2024, 9:13 a.m., Published: June 28, 2024, 2:48 p.m.
 Vulnerabilities: code execution, authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2024-2973

New govt warning says your iPhone, iPad, and MacBook might be at risk: How to keep them safe

Trust: 4.75

Fetched: Aug. 4, 2024, 9:13 a.m., Published: Aug. 4, 2024, 5:40 a.m.
 Vulnerabilities: information disclosure, denial of service, security bypass
Affected productsExternal IDs
vendor: apple model: safari
vendor: apple model: macbook
vendor: apple model: watch
vendor: apple model: ipad
vendor: apple model: iphone
vendor: apple model: apple tv
vendor: apple model: tvos
vendor: apple model: macos
vendor: apple model: watchos

News regarding august security patch 2024 for eli... - Samsung Members

Trust: 3.75

Fetched: Aug. 2, 2024, 9:28 a.m., Published: July 31, 2024, 8:14 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: galaxy
vendor: google model: android
vendor: google model: pixel
db: NVD ids: CVE-2024-32896, CVE-2024-29745

Cisco Warns regreSSHion Vulnerability Impacts Multiple Products - Infosecurity Magazine

Trust: 5.75

Fetched: Aug. 2, 2024, 9:24 a.m., Published: July 8, 2024, 3:30 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cisco model: anyconnect secure mobility client
vendor: cisco model: telepresence
vendor: snort model: snort
db: NVD ids: CVE-2024-6387, CVE-2006-5051, CVE-2008-4109

Siri Bug Enables Data Theft on Locked Apple Devices

Trust: 3.0

Fetched: Aug. 2, 2024, 9:23 a.m., Published: Aug. 5, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: watch
vendor: apple model: macos
vendor: apple model: iphone

About the security content of iOS 16.7.8 and iPadOS 16.7.8 - Apple Support

Trust: 5.25

Fetched: Aug. 2, 2024, 9:21 a.m., Published: July 16, 2008, midnight
 Vulnerabilities: code execution, memory corruption, authentication issue...
Affected productsExternal IDs
vendor: apple model: ipad
vendor: apple model: iphone
vendor: apple model: webkit
vendor: trend micro model: security
vendor: trend model: security
db: NVD ids: CVE-2024-27806, CVE-2024-27838, CVE-2024-27831, CVE-2024-27834, CVE-2024-27820, CVE-2024-27855, CVE-2024-27789, CVE-2024-27847, CVE-2024-23282, CVE-2024-27807, CVE-2024-23296, CVE-2024-23251, CVE-2024-27796, CVE-2024-27805, CVE-2024-27823, CVE-2024-27800, CVE-2024-27802, CVE-2024-27818, CVE-2024-27817, CVE-2024-27833, CVE-2024-27840, CVE-2024-27799

CVE-2024-41024 - Linux Kernel fastrpc Privilege Escalation Vulnerability

Trust: 4.0

Fetched: Aug. 2, 2024, 9:20 a.m., Published: July 29, 2024, 3:15 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2024-41024

Threat Actors Exploit Microsoft SmartScreen Vulnerability: Cyble Researchers - The Cyber Express

Trust: 3.75

Fetched: Aug. 2, 2024, 9:19 a.m., Published: July 6, 2024, 9:23 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
db: NVD ids: CVE-2024-29988, CVE-2024-21412

WiZ Colors A60 1.14.0 Credential Disclosure ≈ Packet Storm

Related entries in the VARIoT vulnerabilities database: VAR-202104-0017

Trust: 5.0

Fetched: Aug. 2, 2024, 9:18 a.m., Published: July 30, 2024, midnight
 Vulnerabilities: information disclosure, credential disclosure
Affected productsExternal IDs
db: NVD ids: CVE-2020-11923

CVE-2024-36788 Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 d...

Related entries in the VARIoT vulnerabilities database: VAR-202406-2616

Trust: 4.0

Fetched: Aug. 2, 2024, 9:17 a.m., Published: July 6, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: netgear model: n300
vendor: netgear model: jnr1010v2
vendor: netgear model: wnr614
db: NVD ids: CVE-2024-36788

CVE-2024-23711 - Microsoft Device Driver Kernel Code Execution Vulnerability

Trust: 6.0

Fetched: Aug. 2, 2024, 9:16 a.m., Published: July 9, 2024, 9:15 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2024-23711

Brother MFC-J491DW C1806180757 Password Hash Disclosure ≈ Packet Storm

Related entries in the VARIoT vulnerabilities database: VAR-202407-2513

Trust: 4.0

Fetched: Aug. 2, 2024, 9:15 a.m., Published: July 30, 2024, midnight
 Vulnerabilities: information disclosure
Affected productsExternal IDs
db: NVD ids: CVE-2019-20457

Re: OpenSSL vulnerability in icls driver version 1.71.99.0 - Intel Community

Trust: 3.0

Fetched: Aug. 2, 2024, 9:14 a.m., Published: May 13, 2024, 5:53 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios
vendor: dell model: optiplex

CVE-2024-40975 - vulnerability database | Vulners.com

Trust: 4.0

Fetched: Aug. 2, 2024, 9:14 a.m., Published: July 12, 2024, 1:15 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: lenovo model: bios
vendor: lenovo model: yoga
db: NVD ids: CVE-2024-40975

Re: OpenSSL vulnerability in icls driver version 1.71.99.0 - Intel Community

Trust: 3.0

Fetched: Aug. 2, 2024, 9:13 a.m., Published: May 13, 2024, 5:53 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios
vendor: dell model: optiplex

Protecting SmartPLC Devices from Critical Hardcoded Credential Vulnerability CVE-2024-28747 | SonicWall

Trust: 4.75

Fetched: Aug. 2, 2024, 9:13 a.m., Published: July 31, 2024, 4:54 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: sonicwall model: remote access
db: NVD ids: CVE-2024-28747

CVE-2024-6242 Rockwell Automation Chassis Restrictions Bypas... - vulnerability database | Vulners.com

Trust: 3.5

Fetched: Aug. 2, 2024, 9:13 a.m., Published: Aug. 1, 2024, 3:15 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: rockwell automation model: guardlogix
vendor: rockwell automation model: controllogix
vendor: rockwell model: guardlogix
vendor: rockwell model: controllogix
db: NVD ids: CVE-2024-6242

CVE-2024-20323 - Exploits & Severity - Feedly

Trust: 6.0

Fetched: Aug. 2, 2024, 9:11 a.m., Published: July 17, 2024, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: trend model: security
db: NVD ids: CVE-2024-20323

Apple fixes Siri vulnerabilities that could have allowed sen... - vulnerability database | Vulners.com

Trust: 3.75

Fetched: Aug. 2, 2024, 9:11 a.m., Published: July 31, 2024, 1:04 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: apple tv
vendor: apple model: macos
vendor: apple model: ipad air
vendor: apple model: ipad
vendor: apple model: safari
vendor: apple model: iphone
vendor: apple model: tvos
vendor: apple model: watchos
vendor: apple model: ipod touch
vendor: apple model: watch

Re: OpenSSL vulnerability in icls driver version 1.71.99.0 - Intel Community

Trust: 3.0

Fetched: Aug. 2, 2024, 9:11 a.m., Published: May 13, 2024, 5:53 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios
vendor: dell model: optiplex