Sign-up

VARIoT news about IoT security

ESP32 Fault Injection Vulnerability - Impact Analysis | Espressif Systems

Trust: 4.5

Fetched: May 3, 2024, 9:19 a.m., Published: Jan. 2, 2020, midnight
 Vulnerabilities: injection attack
Affected productsExternal IDs
vendor: espressif model: esp32-wrover
vendor: espressif systems model: esp32-wrover

VMSA-2023-0014: Questions & Answers | VMware

Trust: 4.5

Fetched: May 3, 2024, 9:18 a.m., Published: May 6, 2024, midnight
 Vulnerabilities: service crash
Affected productsExternal IDs
vendor: dell model: emc vxrail
vendor: dell emc model: emc vxrail
db: NVD ids: CVE-2023-20895, CVE-2023-20892, CVE-2023-20894, CVE-2023-20896, CVE-2023-20893

Smart Yet Flawed: IoT Device Vulnerabilities Explained - Security News - Trend Micro MY

Related entries in the VARIoT vulnerabilities database: VAR-202003-1707

Trust: 4.25

Fetched: May 3, 2024, 9:16 a.m., Published: -
 Vulnerabilities: default credentials, denial of service
Affected productsExternal IDs
vendor: sonos model: sonos
vendor: trend model: internet security
vendor: trend model: home network security
vendor: trend model: security
vendor: trend micro model: internet security
vendor: trend micro model: home network security
vendor: trend micro model: security
db: NVD ids: CVE-2020-9054

Amazon fixes Ring Video Doorbell wi-fi security vulnerability | ZDNET

Trust: 3.5

Fetched: May 3, 2024, 9:15 a.m., Published: May 5, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: ring model: ring video doorbell pro
vendor: ring model: video doorbell
vendor: ring model: ring video doorbell
vendor: ring model: video doorbell pro
vendor: amazon model: ring video doorbell

Vulnerability audits for network devices - Titania

Related entries in the VARIoT vulnerabilities database: VAR-202109-0631

Trust: 3.5

Fetched: May 3, 2024, 9:12 a.m., Published: May 3, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: routers
vendor: cisco model: router
db: NVD ids: CVE-2021-34771

Intel Chipset Device Software Vulnerability - Lenovo Support US

Related entries in the VARIoT vulnerabilities database: VAR-201906-0915

Trust: 4.75

Fetched: May 3, 2024, 9:11 a.m., Published: -
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: lenovo model: thinkpad p1
vendor: lenovo model: thinkpad x390
vendor: lenovo model: thinkpad l480
vendor: lenovo model: thinkpad p50s
vendor: lenovo model: thinkserver rd440
vendor: lenovo model: thinkpad l560
vendor: lenovo model: 20ac
vendor: lenovo model: thinkpad
vendor: lenovo model: thinkstation
vendor: lenovo model: 20b7
vendor: lenovo model: thinkpad l470
vendor: lenovo model: desktop
vendor: lenovo model: thinkpad t470s
vendor: lenovo model: thinkpad t430s
vendor: lenovo model: 20be
vendor: lenovo model: 20da
vendor: lenovo model: thinkpad w530
vendor: lenovo model: thinkpad x270
vendor: lenovo model: thinkserver rd650
vendor: lenovo model: 34xx
vendor: lenovo model: thinkserver sd350
vendor: lenovo model: 20aa
vendor: lenovo model: thinkserver ts250
vendor: lenovo model: thinkpad 10
vendor: lenovo model: thinkserver ts150
vendor: lenovo model: 20bf
vendor: lenovo model: thinkpad x280
vendor: lenovo model: 20an
vendor: lenovo model: 244x
vendor: lenovo model: 20jq
vendor: lenovo model: thinkstation p500
vendor: lenovo model: thinkpad s5 yoga
vendor: lenovo model: thinkserver ts240
vendor: lenovo model: thinkpad yoga 260
vendor: lenovo model: 246x
vendor: lenovo model: thinkpad e450
vendor: lenovo model: thinkpad e480
vendor: lenovo model: thinkpad edge e445
vendor: lenovo model: thinkstation p720
vendor: lenovo model: thinkpad helix 20cg
vendor: lenovo model: thinkserver rd340
vendor: lenovo model: thinkpad s5
vendor: lenovo model: thinkpad e455
vendor: lenovo model: thinkserver rd640
vendor: lenovo model: thinkpad e570p
vendor: lenovo model: thinkpad l460
vendor: lenovo model: thinkpad p52
vendor: lenovo model: thinkpad twist
vendor: lenovo model: thinkstation p710
vendor: lenovo model: thinkpad tablet 10
vendor: lenovo model: thinkstation d30 refresh
vendor: lenovo model: thinkpad x1 carbon
vendor: lenovo model: 20aq
vendor: lenovo model: 20bm
vendor: lenovo model: thinkpad 13e
vendor: lenovo model: thinkpad x240
vendor: lenovo model: 20a9
vendor: lenovo model: thinkserver ts440
vendor: lenovo model: thinkpad t480s
vendor: lenovo model: thinkserver ts450
vendor: lenovo model: thinkpad t490
vendor: lenovo model: 20am
vendor: lenovo model: thinkpad e485
vendor: lenovo model: thinkpad t490s
vendor: lenovo model: thinkstation s30 refresh
vendor: lenovo model: 247x
vendor: lenovo model: 232x
vendor: lenovo model: thinkpad s1 3rd
vendor: lenovo model: 20dr
vendor: lenovo model: thinkpad t570
vendor: lenovo model: thinkpad t460
vendor: lenovo model: thinkpad s5 yoga 15
vendor: lenovo model: 242x
vendor: lenovo model: thinkpad t460p
vendor: lenovo model: thinkpad p72
vendor: lenovo model: thinkpad l440
vendor: lenovo model: thinkpad x1
vendor: lenovo model: thinkpad l450
vendor: lenovo model: thinkstation s30
vendor: lenovo model: thinkserver td350
vendor: lenovo model: thinkstation p318
vendor: lenovo model: 233x
vendor: lenovo model: thinkpad 11e yoga
vendor: lenovo model: thinkpad yoga 11e
vendor: lenovo model: thinkpad p71
vendor: lenovo model: thinkpad a275
vendor: lenovo model: thinkpad l380 yoga
vendor: lenovo model: thinkpad edge e440
vendor: lenovo model: thinkpad e475
vendor: lenovo model: 20a8
vendor: lenovo model: thinkpad x260
vendor: lenovo model: thinkserver ts550
vendor: lenovo model: thinkpad s3
vendor: lenovo model: thinkpad s5/e560p
vendor: lenovo model: thinkpad yoga 14 460 s3
vendor: lenovo model: 20a7
vendor: lenovo model: thinkserver rd350
vendor: lenovo model: thinkserver rs160
vendor: lenovo model: thinkserver
vendor: lenovo model: thinkpad w540
vendor: lenovo model: thinkserver ts140
vendor: lenovo model: 20dq
vendor: lenovo model: 20f2
vendor: lenovo model: edge
vendor: lenovo model: thinkpad t470p
vendor: lenovo model: thinkpad 11e
vendor: lenovo model: thinkstation p510
vendor: lenovo model: thinkserver ts540
vendor: lenovo model: thinkpad t580
vendor: lenovo model: yoga
vendor: lenovo model: thinkpad s540
vendor: lenovo model: thinkpad x1 extreme
vendor: lenovo model: 230x
vendor: lenovo model: thinkpad x140e
vendor: lenovo model: thinkstation p320
vendor: lenovo model: thinkpad yoga
vendor: lenovo model: 20jr
vendor: lenovo model: 20d9
vendor: lenovo model: thinkpad p53s
vendor: lenovo model: yoga 11e
vendor: lenovo model: thinkpad x131e
vendor: lenovo model: 344x
vendor: lenovo model: thinkserver ts460
vendor: lenovo model: thinkstation p410
vendor: lenovo model: thinkpad l380
vendor: lenovo model: thinkstation p910
vendor: lenovo model: 20nq
vendor: lenovo model: thinkpad t460s
vendor: lenovo model: yoga 14
vendor: lenovo model: thinkpad t480
vendor: lenovo model: 3xxx
vendor: lenovo model: thinkpad x1 tablet
vendor: lenovo model: thinkpad t590
vendor: lenovo model: thinkpad e460
vendor: lenovo model: 343x
vendor: lenovo model: thinkpad t450
vendor: lenovo model: 20b3
vendor: lenovo model: thinkpad p50
vendor: lenovo model: 243x
vendor: lenovo model: thinkserver rd450
vendor: lenovo model: 20f1
vendor: lenovo model: thinkstation p320 tiny
vendor: lenovo model: 20bg
vendor: lenovo model: thinkpad p70
vendor: lenovo model: thinkpad w550s
vendor: lenovo model: thinkpad t440
vendor: lenovo model: thinkpad s3-s440
vendor: lenovo model: thinkpad x230
vendor: lenovo model: thinkpad x380 yoga
vendor: lenovo model: thinkserver rq750
vendor: lenovo model: thinkstation c30 refresh
vendor: lenovo model: thinkpad t470
vendor: lenovo model: thinkpad l570
vendor: lenovo model: thinkpad x1 yoga
vendor: lenovo model: thinkstation d30
vendor: lenovo model: thinkpad p52s
vendor: lenovo model: 20bl
vendor: lenovo model: thinkstation p310
vendor: lenovo model: thinkpad x250
vendor: lenovo model: thinkserver rd540
vendor: lenovo model: 20aw
vendor: lenovo model: 337x
vendor: lenovo model: thinkstation p520c
vendor: lenovo model: 336x
vendor: lenovo model: 20ef
vendor: lenovo model: thinkpad l430
vendor: lenovo model: 20b0
vendor: lenovo model: thinkpad helix
vendor: lenovo model: thinkpad a475
vendor: lenovo model: thinkstation p520
vendor: lenovo model: thinkstation p900
vendor: lenovo model: 20eg
vendor: lenovo model: thinkpad t540p
vendor: lenovo model: thinkpad p40
vendor: lenovo model: 20al
vendor: lenovo model: 20aj
vendor: lenovo model: thinkpad s1 yoga 12
vendor: lenovo model: thinkpad s3 yoga 14
vendor: lenovo model: thinkpad 13
vendor: lenovo model: thinkpad t440p
vendor: lenovo model: thinkpad tablet
vendor: lenovo model: thinkpad x240s
vendor: lenovo model: 20ab
vendor: lenovo model: thinkstation p700
vendor: lenovo model: thinkpad t431s
vendor: lenovo model: thinkpad e470
vendor: lenovo model: thinkpad p51
vendor: lenovo model: thinkserver rd550
vendor: lenovo model: 20b6
vendor: lenovo model: thinkpad e465
vendor: lenovo model: thinkpad tablet 8
vendor: lenovo model: updates
vendor: lenovo model: 20nn
vendor: lenovo model: thinkpad s1 yoga
vendor: lenovo model: system
vendor: lenovo model: thinkpad t530
vendor: lenovo model: 235x
vendor: lenovo model: thinkpad t550
vendor: lenovo model: thinkpad s3 yoga
vendor: lenovo model: thinkpad t430
vendor: lenovo model: 20ar
vendor: lenovo model: thinkserver td340
vendor: lenovo model: thinkpad x230 tablet
vendor: lenovo model: thinkpad t560
vendor: lenovo model: thinkstation c30
vendor: lenovo model: 248x
vendor: lenovo model: thinkpad p51s
vendor: lenovo model: thinkserver rs140
vendor: lenovo model: 20ak
vendor: lenovo model: 239x
vendor: lenovo model: thinkpad s531
vendor: lenovo model: thinkstation p920
vendor: lenovo model: thinkpad x390 yoga
vendor: lenovo model: 234x
vendor: lenovo model: thinkpad t25
db: NVD ids: CVE-2019-0128

The 9 Most Common Security Threats to Mobile Devices in 2021

Trust: 3.5

Fetched: May 3, 2024, 9:10 a.m., Published: June 25, 2021, midnight
 Vulnerabilities: brute force attack
Affected productsExternal IDs
vendor: apple model: watch
vendor: google model: wifi
vendor: google model: google home
vendor: google model: android
vendor: google model: home

Exploits for Palo Alto Networks zero-day published, patch up • The Register

Trust: 5.25

Fetched: April 30, 2024, 9:15 a.m., Published: -
 Vulnerabilities: command injection, code execution, directory traversal
Affected productsExternal IDs
vendor: palo alto networks model: networks
vendor: palo alto networks model: pan-os
vendor: palo model: networks
vendor: palo model: pan-os
db: NVD ids: CVE-2024-3400

Learn how to mitigate the Log4Shell vulnerability in Microsoft Defender for Endpoint - Defender Vulnerability Management - Microsoft Defender Vulnerability Management | Microsoft Learn

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-0562

Trust: 4.0

Fetched: April 30, 2024, 9:11 a.m., Published: June 29, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228, CVE-2021-45046

Brocade SANnav Management Software Vulnerabilities Allow Device Compromise - VULNERA

Trust: 4.0

Fetched: April 30, 2024, 9:11 a.m., Published: April 29, 2024, 6:49 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: broadcom model: linux
db: NVD ids: CVE-2024-2859, CVE-2024-29963

ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices

Related entries in the VARIoT vulnerabilities database: VAR-201801-1052

Trust: 3.5

Fetched: April 30, 2024, 9:09 a.m., Published: April 24, 2024, 3:54 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: meraki mx
vendor: cisco model: adaptive security appliance
vendor: cisco model: adaptive_security_appliance
vendor: cisco model: adaptive_security_appliance_software
vendor: cisco model: series
vendor: cisco model: firepower
vendor: cisco model: umbrella
vendor: snort.org model: snort
vendor: snort model: snort
db: NVD ids: CVE-2018-0101, CVE-2024-20353, CVE-2024-20359

Cisco IOS XE Software SD-Access Fabric Edge Node Denial of Service Vulnerability

Trust: 4.0

Fetched: April 30, 2024, 9:06 a.m., Published: March 27, 2024, 3:55 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: ios xe
vendor: cisco model: cisco ios xe
vendor: cisco model: cisco ios
vendor: cisco model: ios xe software

The Top Ten IoT Vulnerabilities | Infosec

Trust: 3.5

Fetched: April 30, 2024, 9:06 a.m., Published: April 26, 2024, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs

"Critical Vulnerability Allows Access to QNAP NAS Devices" | Science of Security Virtual Organization

Trust: 5.5

Fetched: April 28, 2024, 9:23 a.m., Published: April 9, 2024, midnight
 Vulnerabilities: command execution, authentication issue, code injection
Affected productsExternal IDs
vendor: qnap model: photo station
vendor: qnap systems model: photo station
db: NVD ids: CVE-2024-21901, CVE-2024-21900, CVE-2024-21899

Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution

Trust: 5.25

Fetched: April 28, 2024, 9:23 a.m., Published: March 5, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: android

CVE-2024-3273: D-Link NAS Vulnerability Threatens 92,000 Devices | CTF导航

Related entries in the VARIoT vulnerabilities database: VAR-202404-0070

Trust: 4.75

Fetched: April 28, 2024, 9:22 a.m., Published: April 7, 2024, midnight
 Vulnerabilities: command execution, command injection, denial of service
Affected productsExternal IDs
vendor: d-link model: dns-340l
vendor: d-link model: dns-325
vendor: d-link model: dns-320l
vendor: d-link model: dns-327l
db: NVD ids: CVE-2024-3273

Lenovo Devices Vulnerable to Authentication Bypass Attacks (CVE-2024-23592) | SecurityVulnerability.io - SecuirtyVulnerability.io

Trust: 4.25

Fetched: April 28, 2024, 9:20 a.m., Published: April 28, 2024, midnight
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2024-23592

Vulnerability Assessment and Risk Modeling of IoT Smart Home Devices | SpringerLink

Trust: 3.75

Fetched: April 28, 2024, 9:19 a.m., Published: April 28, 2024, midnight
 Vulnerabilities: -

CVE-2024-0029 -Unauthorized Screen Capture Vulnerability Risking Local Escalation of Privilege on Device Policy Controlled Systems

Trust: 3.0

Fetched: April 28, 2024, 9:17 a.m., Published: Feb. 16, 2024, 2:15 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-0029

Cisco IOS and IOS XE Software Vulnerability Could Lead to Device Reload and Denial of Service (CVE-2024-20311) | SecurityVulnerability.io - SecuirtyVulnerability.io

Trust: 5.0

Fetched: April 28, 2024, 9:11 a.m., Published: April 28, 2024, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: ios xe software
vendor: cisco model: ios xe
vendor: cisco model: cisco ios
db: NVD ids: CVE-2024-20311