VARIoT latest news about IoT security

Dell Latitude 5350 System BIOS \| Szczegóły sterownika \| Dell Polska Trust: 3.0 Fetched: Aug. 28, 2024, 9:35 a.m., Published: Aug. 28, 5350, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	dell	model:	latitude
vendor:	dell	model:	bios

Critical Vulnerability in D-Link Devices Could Lead to Command Injection (CVE-2024-7715) \| SecurityVulnerability.io - SecuirtyVulnerability.io Trust: 6.0 Fetched: Aug. 28, 2024, 9:31 a.m., Published: -	Vulnerabilities: command injection

Affected products

External IDs

vendor:	d-link	model:	dnr-326
vendor:	d-link	model:	dnr-322l
vendor:	d-link	model:	dns-325
vendor:	d-link	model:	dns-323
vendor:	d-link	model:	dns-340l
vendor:	d-link	model:	dns-327l
vendor:	d-link	model:	dns-320lw
vendor:	d-link	model:	dns-345
vendor:	d-link	model:	dns-320
vendor:	d-link	model:	dns-320l

db:

NVD

ids:

CVE-2024-7715

Alienware Area-51m R2 System BIOS \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Aug. 28, 2024, 9:31 a.m., Published: Aug. 27, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access Trust: 4.5 Fetched: Aug. 28, 2024, 9:29 a.m., Published: Aug. 26, 2024, 2:33 p.m.	Vulnerabilities: improper access control, access control vulnerability, access control bug

Affected products

External IDs

vendor:	google	model:	nexus
vendor:	sonicwall	model:	secure mobile access
vendor:	sonicwall	model:	remote access
vendor:	sonicwall	model:	switch
vendor:	sonicwall	model:	sonicos
vendor:	sonicwall	model:	soho
vendor:	cisco	model:	nexus
vendor:	cisco	model:	soho

db:

NVD

ids:

CVE-2024-40766

Huawei EulerOS: Security Advisory for device-mapper-multipat... - vulnerability database \| Vulners.com Trust: 4.75 Fetched: Aug. 28, 2024, 9:29 a.m., Published: Aug. 22, 2024, midnight	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:

huawei

model:

huawei

db:

NVD

ids:

CVE-2022-41973, CVE-2022-41974

SonicWall pushes patch for critical vulnerability in SonicOS platform \| CyberScoop Trust: 3.75 Fetched: Aug. 28, 2024, 9:29 a.m., Published: Aug. 26, 2024, 3:58 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	sonicwall	model:	secure mobile access
vendor:	sonicwall	model:	sonicos
vendor:	sonicwall	model:	soho

db:

NVD

ids:

CVE-2024-40766

SonicWall patches critical vulnerability in several firewalls Trust: 5.0 Fetched: Aug. 28, 2024, 9:28 a.m., Published: Aug. 27, 2024, midnight	Vulnerabilities: improper access control, access control vulnerability

Affected products

External IDs

vendor:

sonicwall

model:

sonicos

db:

NVD

ids:

CVE-2024-40766

Critical SonicWall SonicOS vulnerability fixed \| SC Media Trust: 5.5 Fetched: Aug. 28, 2024, 9:22 a.m., Published: June 11, 2024, 5 p.m.	Vulnerabilities: improper access control, access control vulnerability

Affected products

External IDs

vendor:	sonicwall	model:	switch
vendor:	sonicwall	model:	sonicos

db:

NVD

ids:

CVE-2024-40766

Product Notice: Improper Access Control Vulnerability in SonicOS \| SonicWall Trust: 3.75 Fetched: Aug. 28, 2024, 9:22 a.m., Published: -	Vulnerabilities: improper access control, access control vulnerability

Affected products

External IDs

vendor:	sonicwall	model:	sonicos
vendor:	sonicwall	model:	soho

Intel® Active Management Technology (Intel® AMT) and... Trust: 3.0 Fetched: Aug. 27, 2024, 9:25 a.m., Published: July 28, 2020, 5:04 p.m.	Vulnerabilities: information disclosure, denial of service

Affected products	External IDs

Protecting Kaspersky Endpoint Security for Android against removal Trust: 3.0 Fetched: Aug. 27, 2024, 9:23 a.m., Published: April 27, 2019, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	samsung	model:	samsung
vendor:	samsung	model:	mobile

The Facts Behind Smart Home Hacking (and How to Stop Worrying) - CNET Trust: 3.25 Fetched: Aug. 27, 2024, 9:10 a.m., Published: May 27, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	huawei	model:	huawei
vendor:	dahua	model:	camera
vendor:	tp-link	model:	routers

Update now! Google Pixel vulnerability is under active exploitation \| Malwarebytes Trust: 3.75 Fetched: Aug. 27, 2024, 9:07 a.m., Published: June 13, 2024, 1:33 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	pixel

db:

NVD

ids:

CVE-2024-32896

Kaspersky finds 24 vulnerabilities in Chinese biometric access systems Trust: 3.75 Fetched: Aug. 27, 2024, 9:06 a.m., Published: June 11, 2024, 11 a.m.	Vulnerabilities: sql injection

Affected products

External IDs

db:

NVD

ids:

CVE-2023-3942, CVE-2023-3940, CVE-2023-3939, CVE-2023-3938, CVE-2023-3943, CVE-2023-3941

Bugs in Microsoft macOS apps open door to camera, mic access • The Register Trust: 3.75 Fetched: Aug. 25, 2024, 10:01 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

macos

db:

NVD

ids:

CVE-2024-41145, CVE-2024-42220, CVE-2024-41138, CVE-2024-39804, CVE-2024-43106, CVE-2024-42004, CVE-2024-41159, CVE-2024-41165

Google Pixel Vulnerability: Millions of Devices at Risk Since 2017 Trust: 3.5 Fetched: Aug. 25, 2024, 9:58 a.m., Published: Aug. 16, 2024, 11 a.m.	Vulnerabilities: code injection

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	pixel

Navigating Cybersecurity Risks in the Healthcare Industry Trust: 3.75 Fetched: Aug. 25, 2024, 9:58 a.m., Published: May 25, 2024, midnight	Vulnerabilities: denial of service

Affected products	External IDs

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution Trust: 5.0 Fetched: Aug. 25, 2024, 9:56 a.m., Published: Aug. 7, 2024, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	google	model:	chrome
vendor:	google	model:	google chrome

China-Linked APT Group Velvet Ant Exploits Cisco Zero-Day (CVE-2024-20399) Vulnerability Trust: 3.75 Fetched: Aug. 25, 2024, 9:55 a.m., Published: Aug. 23, 2024, 4:37 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	mds 9000
vendor:	cisco	model:	series switches
vendor:	cisco	model:	nx-os software
vendor:	cisco	model:	mds 9000 series
vendor:	cisco	model:	nx-os
vendor:	cisco	model:	series

db:

NVD

ids:

CVE-2024-20399

Sensors \| Free Full-Text \| Security Evaluation of Companion Android Applications in IoT: The Case of Smart Security Devices Trust: 4.5 Fetched: Aug. 25, 2024, 9:54 a.m., Published: Jan. 25, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	home
vendor:	google	model:	android
vendor:	samsung	model:	samsung
vendor:	samsung	model:	mobile
vendor:	samsung	model:	note

db:

NVD

ids:

CVE-2010-3492

VARIoT news about IoT security