VARIoT latest news about IoT security

System BIOS komputerów Dell Inspiron 15 3511 i Vostro 15 3510 \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Sept. 25, 2024, 10:04 a.m., Published: Sept. 10, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

Alienware x14 R2/x16 R1 System BIOS \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Sept. 25, 2024, 10:03 a.m., Published: Sept. 12, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

Pentester Guide: Weak or Default Credentials \| Cobalt Trust: 5.25 Fetched: Sept. 25, 2024, 10:02 a.m., Published: -	Vulnerabilities: default password, default credentials

Affected products

External IDs

vendor:	google	model:	home
vendor:	sonicwall	model:	remote access

Are Indian iPhone Users at Risk? Detailed Outlook Trust: 3.0 Fetched: Sept. 25, 2024, 10:01 a.m., Published: Sept. 19, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	iphone
vendor:	apple	model:	safari
vendor:	apple	model:	watchos
vendor:	apple	model:	macos
vendor:	apple	model:	tvos

Direct Memory Access (DMA) attacks. Risks, techniques, and mitigations in hardware hacking \| Pen Test Partners Related entries in the VARIoT vulnerabilities database: VAR-201704-0340 Trust: 4.25 Fetched: Sept. 25, 2024, 10 a.m., Published: Sept. 23, 2020, midnight	Vulnerabilities: code execution, code injection

Affected products

External IDs

vendor:	dell	model:	bios
vendor:	dell	model:	optiplex

db:

NVD

ids:

CVE-2016-7585

PKfail security flaw is far more extensive than initially thought \| TechSpot Trust: 3.75 Fetched: Sept. 25, 2024, 9:55 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:

lenovo

model:

system

db:

NVD

ids:

CVE-2024-8105

BitSight discloses zero-day vulnerabilities in ATG systems, posing major threat to critical infrastructure - Industrial Cyber Trust: 4.25 Fetched: Sept. 25, 2024, 9:54 a.m., Published: Sept. 25, 2024, 7:16 a.m.	Vulnerabilities: sql injection, path traversal

Affected products

External IDs

vendor:	schneider electric	model:	monitor
vendor:	trend	model:	security
vendor:	schneider	model:	monitor

Critical Microchip Vulnerability In Advanced Software Framework Trust: 3.75 Fetched: Sept. 25, 2024, 9:53 a.m., Published: Sept. 25, 2024, 8:16 a.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2024-7490

Security and Privacy Protection of Internet of Things Devices in 6G Networks \| International Journal of System Assurance Engineering and Management Trust: 3.5 Fetched: Sept. 25, 2024, 9:52 a.m., Published: Sept. 24, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

home

Critical CVE-2024-7490 Microchip ASF IOT Vulnerability Trust: 3.5 Fetched: Sept. 25, 2024, 9:52 a.m., Published: Sept. 23, 2024, 1:21 p.m.	Vulnerabilities: code execution, buffer overflow

Affected products

External IDs

db:

NVD

ids:

CVE-2024-7490

Exploitation of RAISECOM Gateway Devices Vulnerability CVE-2024-7120 - SANS Internet Storm Center Trust: 4.75 Fetched: Sept. 25, 2024, 9:51 a.m., Published: April 9, 2024, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	tplink	model:	gateway
vendor:	tplink	model:	routers

db:

NVD

ids:

CVE-2024-7120

Exploding pagers and walkie-talkies are a reminder of how easily your devices can be hacked - here’s how to make sure they are safe Trust: 3.75 Fetched: Sept. 25, 2024, 9:51 a.m., Published: Sept. 24, 2024, 6:32 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

huawei

model:

huawei

A sotware for a networking device is written \| StudyX Trust: 4.0 Fetched: Sept. 25, 2024, 9:50 a.m., Published: Sept. 1, 2024, midnight	Vulnerabilities: buffer overflow

Affected products	External IDs

Apple iOS 17.2.1 Screen Time Passcode Retrieval / Mitigation Bypass Trust: 3.25 Fetched: Sept. 25, 2024, 9:49 a.m., Published: Feb. 17, 2001, midnight	Vulnerabilities: brute force attack, privilege escalation

Affected products

External IDs

vendor:	apple	model:	watch
vendor:	apple	model:	icloud

Intercepting Impact: 2024 Trend Micro Cyber Risk Report \| Trend Micro (ES) Trust: 4.0 Fetched: Sept. 25, 2024, 9:48 a.m., Published: Sept. 25, 2024, midnight	Vulnerabilities: buffer overflow

Affected products

External IDs

db:

NVD

ids:

CVE-2024-30051, CVE-2023-30040, CVE-2023-6345, CVE-2023-4762, CVE-2023-4863, CVE-2024-26169

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution Trust: 5.0 Fetched: Sept. 25, 2024, 9:46 a.m., Published: Sept. 24, 2024, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	google	model:	chrome
vendor:	google	model:	google chrome

Apple iOS 17.2.1 Screen Time Passcode Retrieval / Mitigation Bypass ≈ Packet Storm Trust: 4.25 Fetched: Sept. 25, 2024, 9:45 a.m., Published: Feb. 17, 2001, midnight	Vulnerabilities: brute force attack, privilege escalation

Affected products

External IDs

vendor:	apple	model:	watch
vendor:	apple	model:	icloud
vendor:	apple inc.	model:	watch
vendor:	apple inc.	model:	icloud

20,000 WordPress Sites Affected by Privilege Escalation Vulnerability in WCFM - WooCommerce Frontend Manager WordPress Plugin Trust: 3.75 Fetched: Sept. 25, 2024, 9:44 a.m., Published: Sept. 24, 2024, 6:02 p.m.	Vulnerabilities: privilege escalation

Affected products	External IDs

Multiple critical zero day vulnerabilities found in military and filling station fuel tanks Trust: 3.75 Fetched: Sept. 25, 2024, 9:44 a.m., Published: Sept. 24, 2024, 4:58 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

db:

NVD

ids:

CVE-2024-8497

Vulnerability in compression algorithm - Splunk Community Trust: 3.25 Fetched: Sept. 25, 2024, 9:43 a.m., Published: July 15, 2024, 8:18 a.m.	Vulnerabilities: information leakage

Affected products	External IDs

VARIoT news about IoT security