Sign-up

VARIoT news about IoT security

Cybersecurity threats: Main types and new threats in 2024 | NordVPN

Trust: 4.25

Fetched: Nov. 3, 2024, 9:31 a.m., Published: Aug. 6, 2024, 11:57 a.m.
 Vulnerabilities: session hijacking, cross-site scripting, privilege escalation...
Affected productsExternal IDs
vendor: nokia model: impact
vendor: google model: home
vendor: essential model: phone

Understanding CVE-2023-44097: Huawei's HarmonyOS and EMUI Vulnerabilities

Trust: 3.5

Fetched: Nov. 3, 2024, 9:31 a.m., Published: Oct. 3, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: huawei model: huawei
vendor: huawei model: emui
db: NVD ids: CVE-2023-44097

Top 10 Windows 7 Vulnerabilities And Remediation Tips | UpGuard

Related entries in the VARIoT vulnerabilities database: VAR-201112-0114

Trust: 5.0

Fetched: Nov. 3, 2024, 9:30 a.m., Published: Nov. 10, 2024, midnight
 Vulnerabilities: denial of service, untrusted search path, memory corruption...
Affected productsExternal IDs
db: NVD ids: CVE-2014-4114, CVE-2010-3147, CVE-2010-2744, CVE-2015-0016, CVE-2013-0008, CVE-2010-4398, CVE-2010-4701, CVE-2014-4113, CVE-2010-3227, CVE-2011-5046

Red Hat’s response to OpenPrinting CUPS vulnerabilities: CVE-2024-47076, CVE-2024-47175, CVE-2024-47176 and CVE-2024-47177

Trust: 5.25

Fetched: Nov. 3, 2024, 9:30 a.m., Published: Sept. 26, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cups model: cups
db: NVD ids: CVE-2024-47176, CVE-2024-47177, CVE-2024-47175, CVE-2024-47076

ERROR: The request could not be satisfied

Trust: 3.25

Fetched: Nov. 3, 2024, 9:29 a.m., Published: April 3, 2024, midnight
 Vulnerabilities: configuration error
Affected productsExternal IDs

CERT-EU - Critical Vulnerabilities in FortiOS

Trust: 4.75

Fetched: Nov. 3, 2024, 9:29 a.m., Published: -
 Vulnerabilities: format string vulnerability, memory corruption
Affected productsExternal IDs
db: NVD ids: CVE-2024-23113, CVE-2024-21762

CUPS Vulnerabilities: Impact and Fixes - FOSSA

Trust: 3.75

Fetched: Nov. 3, 2024, 9:28 a.m., Published: Sept. 27, 2024, 11:52 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cups model: cups
db: NVD ids: CVE-2024-47176, CVE-2024-47177, CVE-2024-47175, CVE-2024-47076

CVE-2024-47945 - Mitigating Predictable Session ID Vulnerability in IoT Devices

Trust: 4.0

Fetched: Nov. 3, 2024, 9:22 a.m., Published: Nov. 3, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-47945

Pacific Rim timeline: Information for defenders from a braid of interlocking attack campaigns - Sophos News

Related entries in the VARIoT vulnerabilities database: VAR-202209-1931

Trust: 4.25

Fetched: Nov. 3, 2024, 9:20 a.m., Published: Oct. 31, 2024, 12:31 p.m.
 Vulnerabilities: command injection, account creation attack, password guessing...
Affected productsExternal IDs
vendor: mikrotik model: mikrotik
vendor: mikrotik model: routers
vendor: sophos model: firewall
vendor: sophos model: cyberoam
vendor: draytek model: routers
vendor: cisco model: guard
vendor: cisco model: series
vendor: cisco model: routers
vendor: cisco model: soho
vendor: cisco model: vpn client
vendor: barracuda networks model: running
vendor: barracuda networks model: barracuda
vendor: palo alto networks model: networks
vendor: palo alto networks model: firewall
vendor: sonicwall model: remote access
vendor: sonicwall model: soho
vendor: cisco systems model: guard
vendor: cisco systems model: series
vendor: cisco systems model: routers
vendor: cisco systems model: soho
vendor: cisco systems model: vpn client
vendor: check point model: check point
vendor: tp-link model: routers
vendor: huawei model: huawei
vendor: barracuda model: running
vendor: barracuda model: barracuda
vendor: dropbear model: dropbear ssh
vendor: dropbear model: ssh server
vendor: palo model: networks
vendor: palo model: firewall
db: NVD ids: CVE-2020-15069, CVE-2022-1292, CVE-2020-12271, CVE-2022-1040, CVE-2020-29574, CVE-2022-3236

CVE-2024-2547: Understanding and Mitigating the Tenda AC18 Stack-based Buffer Overflow Vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-202403-0846

Trust: 5.5

Fetched: Nov. 3, 2024, 9:20 a.m., Published: March 15, 2005, 5 a.m.
 Vulnerabilities: buffer overflow, code execution
Affected productsExternal IDs
vendor: tenda model: ac18 firmware
vendor: tenda model: ac18
db: NVD ids: CVE-2024-2547

Understanding CVE-2024-45275: Hardcoded Credentials Vulnerability in Industrial Devices

Trust: 4.0

Fetched: Nov. 3, 2024, 9:19 a.m., Published: Nov. 3, 2024, midnight
 Vulnerabilities: default credentials, service disruption
Affected productsExternal IDs
db: NVD ids: CVE-2024-45275

NVIDIA shader out-of-bounds and eleven LevelOne router vulnerabilities

Trust: 5.5

Fetched: Nov. 1, 2024, 10 a.m., Published: Oct. 31, 2024, 3:29 p.m.
 Vulnerabilities: information disclosure, session hijacking, authentication vulnerability...
Affected productsExternal IDs
vendor: snort.org model: snort
vendor: snort model: snort
vendor: cisco model: series
vendor: cisco model: router
vendor: cisco model: soho
db: NVD ids: CVE-2024-28875, CVE-2024-33603, CVE-2024-28052, CVE-2024-33626, CVE-2024-0117, CVE-2024-33700, CVE-2024-31152, CVE-2024-31151, CVE-2024-0121, CVE-2024-0119, CVE-2024-32946, CVE-2024-0118, CVE-2024-33623, CVE-2024-23309, CVE-2024-24777, CVE-2024-0120, CVE-2024-33699

Cellular IoT Vulnerabilities: Another Door to Cellular Networks | Trend Micro (ZA)

Related entries in the VARIoT vulnerabilities database: VAR-202310-0004, VAR-202011-1308, VAR-202408-1859

Trust: 4.5

Fetched: Nov. 1, 2024, 10 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: trend micro model: security
vendor: d-link model: router
vendor: tp-link model: gateway
vendor: tp-link model: routers
vendor: trend model: security
db: NVD ids: CVE-2023-43261, CVE-2020-3657, CVE-2024-20082, CVE-2023-47610

Examining IoT Security Issues - Portnox

Trust: 3.5

Fetched: Nov. 1, 2024, 9:58 a.m., Published: Oct. 22, 2024, 2:27 p.m.
 Vulnerabilities: denial of service, default credentials
Affected productsExternal IDs

IoT needs more respect for its consumers, creations, and itself - Help Net Security

Trust: 3.0

Fetched: Nov. 1, 2024, 9:57 a.m., Published: Oct. 30, 2024, 12:57 p.m.
 Vulnerabilities: -
Affected productsExternal IDs

Security Update: Critical CUPS Vulnerability - Blog Detectify

Trust: 4.75

Fetched: Nov. 1, 2024, 9:55 a.m., Published: Sept. 27, 2024, 11:08 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cups model: cups
db: NVD ids: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, CVE-2024-47177

Cracking the Core: Hardware Vulnerabilities in Android Devices Unveiled

Trust: 4.25

Fetched: Nov. 1, 2024, 9:53 a.m., Published: Jan. 1, 2024, midnight
 Vulnerabilities: information disclosure, improper memory management, buffer overflow...
Affected productsExternal IDs
vendor: hak5 model: wifi pineapple
vendor: google model: wifi
vendor: google model: android
db: NVD ids: CVE-2016-2454

Forescout Research reveals 162 vulnerabilities in connected medical devices, elevating risks to patient data and safety - Industrial Cyber

Trust: 4.25

Fetched: Nov. 1, 2024, 9:52 a.m., Published: Oct. 30, 2024, 1:02 p.m.
 Vulnerabilities: denial of service, information disclosure, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2017-0143

Rockwell Automation Devices Vulnerable to Unauthorized Entry - Teach Read Online

Trust: 4.75

Fetched: Nov. 1, 2024, 9:51 a.m., Published: Aug. 5, 2024, 8:05 a.m.
 Vulnerabilities: security bypass
Affected productsExternal IDs
vendor: rockwell model: 1756-en2f series c
vendor: rockwell model: controllogix 5580
vendor: rockwell model: 1756-en2tr series
vendor: rockwell model: 1756-en2tr series c
vendor: rockwell model: controllogix
vendor: rockwell model: 1756-en3tr series
vendor: rockwell model: automation controllogix
vendor: rockwell model: 1756-en2t series
vendor: rockwell model: controllogix controller
vendor: rockwell model: 1756-en2f series
vendor: rockwell model: 1756-en3tr series b
vendor: rockwell model: guardlogix
vendor: rockwell automation model: 1756-en2f series c
vendor: rockwell automation model: controllogix 5580
vendor: rockwell automation model: 1756-en2tr series
vendor: rockwell automation model: 1756-en2tr series c
vendor: rockwell automation model: controllogix
vendor: rockwell automation model: 1756-en3tr series
vendor: rockwell automation model: automation controllogix
vendor: rockwell automation model: 1756-en2t series
vendor: rockwell automation model: controllogix controller
vendor: rockwell automation model: 1756-en2f series
vendor: rockwell automation model: 1756-en3tr series b
vendor: rockwell automation model: guardlogix
db: NVD ids: CVE-2024-6242

Detailed Analysis and Mitigation Strategies for CVE-2024-45615 in Red Hat Products

Trust: 4.0

Fetched: Nov. 1, 2024, 9:50 a.m., Published: Nov. 7, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: opensc model: opensc
db: NVD ids: CVE-2024-45615