Sign-up

VARIoT news about IoT security

Rockwell Automation Devices Flaw Let Hackers Gain Unauthorized Access

Trust: 3.75

Fetched: Aug. 6, 2024, 9:35 a.m., Published: Aug. 5, 2024, 8:08 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: rockwell model: controllogix 5580
vendor: rockwell model: controllogix
vendor: rockwell model: controllogix controllers
vendor: rockwell model: guardlogix controllers
vendor: rockwell model: guardlogix
vendor: snort model: snort
vendor: rockwell automation model: controllogix 5580
vendor: rockwell automation model: controllogix
vendor: rockwell automation model: controllogix controllers
vendor: rockwell automation model: guardlogix controllers
vendor: rockwell automation model: guardlogix
db: NVD ids: CVE-2024-6242

Android Security Bulletin-August 2024 | Android Open Source Project

Related entries in the VARIoT vulnerabilities database: VAR-202408-1859, VAR-202408-2138

Trust: 4.25

Fetched: Aug. 6, 2024, 9:33 a.m., Published: Aug. 6, 2024, midnight
 Vulnerabilities: denial of service, information disclosure, code execution
Affected productsExternal IDs
vendor: huawei model: huawei
vendor: samsung model: notes
vendor: samsung model: mobile
vendor: samsung model: note
vendor: samsung model: samsung
vendor: google model: android
vendor: google model: pixel
vendor: motorola model: motorola
vendor: motorola model: android
db: NVD ids: CVE-2024-36971, CVE-2024-34727, CVE-2024-34734, CVE-2024-2937, CVE-2024-34738, CVE-2024-34737, CVE-2024-34736, CVE-2024-23356, CVE-2024-4607, CVE-2024-23357, CVE-2024-34731, CVE-2024-34739, CVE-2023-21351, CVE-2024-23355, CVE-2024-34741, CVE-2024-31333, CVE-2024-34743, CVE-2024-34735, CVE-2024-20082, CVE-2024-34742, CVE-2024-23350, CVE-2024-23353, CVE-2023-20971, CVE-2024-34740, CVE-2024-21481, CVE-2024-23352

Threat Actors Actively Exploiting CVE-2024-24919: Underground Forums Share IP Addresses of Vulnerable Check Point Security Gateway Devices - CYFIRMA

Trust: 5.25

Fetched: Aug. 6, 2024, 9:31 a.m., Published: July 12, 2024, midnight
 Vulnerabilities: information disclosure, path traversal
Affected productsExternal IDs
vendor: check point model: check point
vendor: check point model: security gateway
vendor: check point model: quantum security gateway
db: NVD ids: CVE-2024-24919

Zero-Day Vulnerability | JFrog

Related entries in the VARIoT vulnerabilities database: VAR-202107-1010, VAR-202112-0566, VAR-202008-0248

Trust: 3.75

Fetched: Aug. 6, 2024, 9:30 a.m., Published: June 12, 2024, 11:43 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-34527, CVE-2021-44228, CVE-2024-23478, CVE-2021-27065, CVE-2021-26855, CVE-2021-26857, CVE-2020-1472, CVE-2021-26858

UEFIcanhazbufferoverflow: Widespread Impact from Vulnerability in Popular PC and Server Firmware - Eclypsium | Supply Chain Security for the Modern Enterprise

Trust: 4.25

Fetched: Aug. 6, 2024, 9:30 a.m., Published: June 19, 2024, 6:59 p.m.
 Vulnerabilities: code execution, buffer overflow
Affected productsExternal IDs
vendor: lenovo model: system
vendor: lenovo model: desktop
vendor: lenovo model: bios
vendor: lenovo model: thinkpad x1 carbon
vendor: lenovo model: yoga
vendor: lenovo model: updates
vendor: lenovo model: thinkpad x1
vendor: lenovo model: thinkpad
db: NVD ids: CVE-2024-0762

Bitdefender VPN Unaffected by TunnelVision Vulnerability (CVE-2024-3661)

Related entries in the VARIoT vulnerabilities database: VAR-202405-0458

Trust: 4.25

Fetched: Aug. 6, 2024, 9:29 a.m., Published: May 24, 2024, 1:24 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2024-3661

Critical Security Bypass Vulnerability Found in Rockwell Automation ControlLogix 1756 Devices - VULNERA

Trust: 4.75

Fetched: Aug. 6, 2024, 9:27 a.m., Published: Aug. 5, 2024, 6:07 a.m.
 Vulnerabilities: security bypass
Affected productsExternal IDs
vendor: rockwell model: automation controllogix
vendor: rockwell model: controllogix
vendor: rockwell model: controllogix controller
vendor: rockwell automation model: automation controllogix
vendor: rockwell automation model: controllogix
vendor: rockwell automation model: controllogix controller
db: NVD ids: CVE-2024-6242

Solved: Armor portal, devices show as disconnected, and vu... - NETGEAR Communities

Trust: 3.75

Fetched: Aug. 6, 2024, 9:27 a.m., Published: June 25, 2024, 8 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: netgear model: router
vendor: netgear model: orbi
vendor: netgear model: rbr750

UEFIcanhazbufferoverflow Vulnerability Impacts Intel CPUs

Trust: 5.0

Fetched: Aug. 6, 2024, 9:27 a.m., Published: June 21, 2024, 8:56 a.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2024-0762

Bypassing Rockwell Automation Logix Controllers’ Local Chassis Security Protection | Claroty

Trust: 5.5

Fetched: Aug. 6, 2024, 9:26 a.m., Published: -
 Vulnerabilities: security bypass
Affected productsExternal IDs
vendor: rockwell model: automation controllogix
vendor: rockwell model: studio 5000
vendor: rockwell model: controllogix
vendor: rockwell model: guardlogix
vendor: rockwell automation model: automation controllogix
vendor: rockwell automation model: studio 5000
vendor: rockwell automation model: controllogix
vendor: rockwell automation model: guardlogix
vendor: snort model: snort
vendor: wireshark model: wireshark
db: NVD ids: CVE-2024-6242

Juniper Networks Releases Security Updates for a Critical 10.0 Vulnerability

Trust: 5.0

Fetched: Aug. 6, 2024, 9:26 a.m., Published: July 1, 2024, 6:45 a.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2024-2973

Google Warns of Actively Exploited Pixel Firmware Vulnerability - Cyber and Fraud Centre - Scotland

Trust: 4.5

Fetched: Aug. 6, 2024, 9:25 a.m., Published: June 13, 2024, 10:26 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: android
vendor: google model: pixel
db: NVD ids: CVE-2024-32896

Linux kernel exploitation SLUBStick can read and write memory arbitrarily | SC Media

Trust: 3.75

Fetched: Aug. 6, 2024, 9:25 a.m., Published: June 11, 2024, 5 p.m.
 Vulnerabilities: code execution, privilege escalation
Affected productsExternal IDs

Wi-Fi Vulnerability Threat for All Windows Users - Altek Business Systems

Trust: 3.25

Fetched: Aug. 6, 2024, 9:25 a.m., Published: June 25, 2024, 8 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-30078

Google Patches Exploited Android Zero-Day on Pixel Devices

Trust: 4.5

Fetched: Aug. 6, 2024, 9:24 a.m., Published: Aug. 3, 2024, midnight
 Vulnerabilities: code execution, information disclosure, privilege escalation
Affected productsExternal IDs
vendor: google model: android
vendor: google model: pixel
db: NVD ids: CVE-2024-32896, CVE-2024-29745, CVE-2024-29748, CVE-2024-4610

Hacking Millions of Modems (and Investigating Who Hacked My Modem)

Trust: 3.25

Fetched: Aug. 6, 2024, 9:22 a.m., Published: Aug. 6, 2069, midnight
 Vulnerabilities: code execution, authorization error, directory traversal
Affected productsExternal IDs
vendor: essential model: phone
vendor: nokia model: series
vendor: nokia model: impact
vendor: cisco model: router
vendor: cisco model: series
vendor: cisco model: leap
vendor: cisco model: support tools
vendor: cisco model: network access control
vendor: google model: wifi
vendor: google model: home

Vulnerability Recap 8/5/24: Windows, VMware, Android, Apple

Trust: 4.25

Fetched: Aug. 6, 2024, 9:22 a.m., Published: Aug. 5, 2024, 7:51 p.m.
 Vulnerabilities: security bypass, code execution, authentication bypass...
Affected productsExternal IDs
vendor: rockwell model: automation controllogix
vendor: rockwell model: controllogix
vendor: rockwell model: guardlogix
vendor: apple model: watch
vendor: rockwell automation model: automation controllogix
vendor: rockwell automation model: controllogix
vendor: rockwell automation model: guardlogix
db: NVD ids: CVE-2024-32113, CVE-2024-37085

New Wi-Fi Vulnerability Enables Network Eavesdropping via Downgrade Attacks

Trust: 4.75

Fetched: Aug. 6, 2024, 9:21 a.m., Published: Aug. 3, 2024, midnight
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: mesh model: mesh
db: NVD ids: CVE-2023-52424

Google Patches New Android Kernel Vulnerability Exploited in the Wild

Trust: 5.5

Fetched: Aug. 6, 2024, 9:21 a.m., Published: Aug. 6, 2024, 6:12 a.m.
 Vulnerabilities: code execution, information disclosure, privilege escalation
Affected productsExternal IDs
vendor: google model: android
vendor: google model: pixel
db: NVD ids: CVE-2024-36971, CVE-2024-32896, CVE-2018-0824, CVE-2024-29748, CVE-2024-29745

CERT-EU - Critical Vulnerability in Juniper Networks Products

Trust: 5.25

Fetched: Aug. 6, 2024, 9:21 a.m., Published: -
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2024-2973