Sign-up

VARIoT news about IoT security

Configure Microsoft Defender for Endpoint on iOS features - Microsoft Defender for Endpoint | Microsoft Learn

Trust: 3.0

Fetched: Oct. 2, 2024, 10:13 a.m., Published: Aug. 29, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: ipad

Zyxel warns of vulnerabilities in a wide range of its products | Ars Technica

Trust: 4.5

Fetched: Oct. 2, 2024, 10:13 a.m., Published: Sept. 4, 2024, 6:57 p.m.
 Vulnerabilities: cross-site scripting, pointer dereference vulnerability, command injection...
Affected productsExternal IDs
db: NVD ids: CVE-2024-42059, CVE-2024-6343, CVE-2024-42060, CVE-2024-42061, CVE-2024-5412, CVE-2024-7203, CVE-2024-42057, CVE-2024-7261, CVE-2024-42058

Cisco Cyber Vision Data Sheet - Cisco

Trust: 3.5

Fetched: Oct. 2, 2024, 10:10 a.m., Published: Aug. 30, 2024, 4:03 p.m.
 Vulnerabilities: default password
Affected productsExternal IDs
vendor: snort model: snort
vendor: cisco model: cisco ucs manager
vendor: cisco model: ic3000
vendor: cisco model: ic3000 industrial compute gateway
vendor: cisco model: catalyst
vendor: cisco model: series routers
vendor: cisco model: identity services engine
vendor: cisco model: ucs manager
vendor: cisco model: cisco ic3000 industrial compute gateway
vendor: cisco model: router
vendor: cisco model: series
vendor: cisco model: firepower
vendor: cisco model: integrated management controller
vendor: cisco model: umbrella
vendor: cisco model: cisco integrated management controller
vendor: cisco model: series switch
vendor: cisco model: routers
vendor: cisco model: cisco identity services engine

Android Security Bulletin-September 2024 | Android Open Source Project

Related entries in the VARIoT vulnerabilities database: VAR-202409-0017

Trust: 4.25

Fetched: Oct. 2, 2024, 10:08 a.m., Published: Sept. 2, 2024, midnight
 Vulnerabilities: code execution, information disclosure, denial of service
Affected productsExternal IDs
vendor: samsung model: mobile
vendor: samsung model: samsung
vendor: samsung model: notes
vendor: samsung model: note
vendor: motorola model: android
vendor: motorola model: motorola
vendor: google model: pixel
vendor: google model: android
vendor: huawei model: huawei
db: NVD ids: CVE-2024-39431, CVE-2024-33051, CVE-2024-40652, CVE-2024-40658, CVE-2024-40656, CVE-2024-32896, CVE-2024-23362, CVE-2024-36972, CVE-2024-23365, CVE-2024-40662, CVE-2024-23359, CVE-2024-31336, CVE-2024-39432, CVE-2024-33016, CVE-2024-23358, CVE-2024-40657, CVE-2024-23716, CVE-2024-40650, CVE-2024-40659, CVE-2024-3655, CVE-2024-23364, CVE-2024-40655, CVE-2024-40654

WiFi IoT Device Security Issues Found on ESP32 and ESP8266

Trust: 3.75

Fetched: Oct. 2, 2024, 10:06 a.m., Published: Dec. 18, 2020, 4:16 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2019-12588, CVE-2019-12586, CVE-2019-12587

Cybersecurity Vulnerabilities: Types, Examples, and more

Trust: 3.75

Fetched: Oct. 2, 2024, 10:03 a.m., Published: Jan. 10, 2023, 11:13 a.m.
 Vulnerabilities: sql injection
Affected productsExternal IDs
vendor: manageengine model: network configuration manager

Western Digital My Cloud Flaw Let Attackers Execute Arbitrary Code

Trust: 4.5

Fetched: Oct. 2, 2024, 10:03 a.m., Published: Oct. 1, 2024, 4:14 a.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: trend model: security
vendor: trend micro model: security
db: NVD ids: CVE-2024-22170

The Looming Threat of Unsecured IoT Devices: A Deep Dive

Trust: 3.75

Fetched: Oct. 2, 2024, 10:02 a.m., Published: -
 Vulnerabilities: code injection, denial of service
Affected productsExternal IDs

Mobile Threat Defense with Microsoft Intune - Microsoft Intune | Microsoft Learn

Trust: 3.5

Fetched: Oct. 2, 2024, 10:02 a.m., Published: Aug. 21, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: sophos model: endpoint protection
vendor: sophos model: mobile
vendor: trend model: security
vendor: blackberry model: blackberry
vendor: symantec model: symantec endpoint protection
vendor: symantec model: endpoint protection
vendor: trend micro model: security
vendor: check point model: check point

Cybersecurity Vulnerabilities [Complete Guide] - Sprinto

Trust: 3.5

Fetched: Oct. 2, 2024, 10:01 a.m., Published: Sept. 9, 2024, 11:32 a.m.
 Vulnerabilities: weak password, sql injection
Affected productsExternal IDs

A Vulnerability in Cisco Secure Email Gateway Could Allow for Remote Code Execution

Trust: 4.25

Fetched: Oct. 2, 2024, 9:58 a.m., Published: July 22, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs

Cisco SD-WAN vEdge Software UDP Packet Validation Denial of Service Vulnerability - Cisco

Trust: 5.0

Fetched: Oct. 2, 2024, 9:58 a.m., Published: Sept. 25, 2024, 11:50 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: vedge
vendor: cisco model: sd-wan vedge
vendor: cisco model: cisco sd-wan vedge
vendor: cisco model: cisco sd-wan
vendor: cisco model: sd-wan

Vulnerability in Cisco Smart Software Manager lets attackers change any user password | Ars Technica

Trust: 4.0

Fetched: Oct. 2, 2024, 9:55 a.m., Published: July 17, 2024, 7:47 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-20419

Android Security Bulletin-August 2024 | Android Open Source Project

Related entries in the VARIoT vulnerabilities database: VAR-202408-2138, VAR-202408-1859

Trust: 4.25

Fetched: Oct. 2, 2024, 9:54 a.m., Published: Aug. 2, 2024, midnight
 Vulnerabilities: code execution, information disclosure, denial of service
Affected productsExternal IDs
vendor: samsung model: mobile
vendor: samsung model: samsung
vendor: samsung model: notes
vendor: samsung model: note
vendor: motorola model: android
vendor: motorola model: motorola
vendor: google model: pixel
vendor: google model: android
vendor: huawei model: huawei
db: NVD ids: CVE-2024-34738, CVE-2024-34736, CVE-2023-20971, CVE-2024-34737, CVE-2023-21351, CVE-2024-34735, CVE-2024-34734, CVE-2024-23356, CVE-2024-31333, CVE-2024-23355, CVE-2024-34731, CVE-2024-21481, CVE-2024-34740, CVE-2024-34727, CVE-2024-34739, CVE-2024-23357, CVE-2024-23350, CVE-2024-34742, CVE-2024-34741, CVE-2024-23353, CVE-2024-2937, CVE-2024-23352, CVE-2024-36971, CVE-2024-4607, CVE-2024-20082, CVE-2024-34743

15 Best Vulnerability Assessment Scanning Tools (Free and Paid) for 2024

Trust: 4.25

Fetched: Oct. 2, 2024, 9:52 a.m., Published: June 30, 2021, 3:31 p.m.
 Vulnerabilities: cross-site scripting, sql injection
Affected productsExternal IDs
vendor: wireshark model: wireshark
vendor: netbsd model: current
vendor: tripwire model: ip360
vendor: aircrack-ng model: aircrack-ng

PKfail Vulnerability Allows Hackers to Install UEFI Malware

Trust: 3.5

Fetched: Oct. 2, 2024, 9:50 a.m., Published: July 26, 2024, 8:42 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: dell model: bios
vendor: lenovo model: bios
vendor: lenovo model: updates
vendor: lenovo model: system

Security Advisory | Rockwell Automation | US

Trust: 3.75

Fetched: Oct. 2, 2024, 9:50 a.m., Published: May 16, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: rockwell automation model: guardlogix
vendor: rockwell automation model: controllogix
vendor: rockwell model: guardlogix
vendor: rockwell model: controllogix
db: NVD ids: CVE-2024-6242

Apple fixes Siri vulnerabilities that could have allowed sensitive data theft from locked device. Update now! | Malwarebytes

Trust: 3.75

Fetched: Oct. 2, 2024, 9:49 a.m., Published: July 31, 2024, 1:04 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: apple tv
vendor: apple model: watch
vendor: apple model: ipad air
vendor: apple model: macos
vendor: apple model: iphone
vendor: apple model: software update
vendor: apple model: ipod touch
vendor: apple model: safari
vendor: apple model: ipad

The Vulnerability Relationship Prediction Research for Network Risk Assessment

Related entries in the VARIoT vulnerabilities database: VAR-202202-0325, VAR-201605-0077, VAR-202202-0322

Trust: 4.5

Fetched: Oct. 2, 2024, 9:47 a.m., Published: Jan. 2, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cisco model: accesspath
vendor: cisco model: series
vendor: cisco model: rv340
db: NVD ids: CVE-2019-2887, CVE-2020-1745, CVE-2022-20705, CVE-2016-2107, CVE-2022-20707, CVE-2019-2729

What Is an Authentication Bypass Vulnerability? | StrongDM

Trust: 3.5

Fetched: Oct. 2, 2024, 9:45 a.m., Published: Oct. 4, 2024, midnight
 Vulnerabilities: authentication bypass, brute force attack, code execution
Affected productsExternal IDs
vendor: delegate model: delegate