Sign-up

VARIoT news about IoT security

Lighting Control Breached The Security Pitfalls of Smart Bulbs

Trust: 3.5

Fetched: March 10, 2024, 10:19 a.m., Published: Feb. 24, 2024, midnight
 Vulnerabilities: default password
Affected productsExternal IDs

Apple users urged to update devices after app vulnerability found to give attackers access to data | The Straits Times

Trust: 3.0

Fetched: March 10, 2024, 10:17 a.m., Published: March 1, 2024, 10:45 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos

CVE-2023-42873 - Critical Vulnerability Allows Arbitrary Code Execution with Kernel Privileges

Trust: 5.5

Fetched: March 10, 2024, 10:16 a.m., Published: Feb. 21, 2024, 7:15 a.m.
 Vulnerabilities: code execution, improper bounds checking
Affected productsExternal IDs
vendor: apple model: tvos
vendor: apple model: macos
db: NVD ids: CVE-2023-42873

Qualys CyberSecurity Asset Management Expands to Detect Unauthorized Devices Across Hybrid Environments - Enterprise Channels MEA

Trust: 3.0

Fetched: March 10, 2024, 10:13 a.m., Published: Feb. 27, 2024, 5:17 a.m.
 Vulnerabilities: -
Affected productsExternal IDs

Oracle Linux 9 : keylime (ELSA-2024-1139) - vulnerability database | Vulners.com

Trust: 3.0

Fetched: March 10, 2024, 10:12 a.m., Published: March 6, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-3674

CVE-2024-2352 - vulnerability database | Vulners.com

Trust: 3.0

Fetched: March 10, 2024, 10:09 a.m., Published: March 10, 2024, 2:16 a.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-2352

Critical Fortinet FortiOS bug CVE-2024-21762 potentially impact 150,000 internet-facing devices

Trust: 4.0

Fetched: March 10, 2024, 10:07 a.m., Published: March 9, 2024, 4:15 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-21762

Wireless Security Vulnerabilities: Jamming Risks Explained

Trust: 3.75

Fetched: March 10, 2024, 10:07 a.m., Published: Aug. 3, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: mesh model: mesh

CISA Adds Two Known Exploited Vulnerabilities to Catalog | CISA

Related entries in the VARIoT vulnerabilities database: VAR-202005-0696

Trust: 4.0

Fetched: March 10, 2024, 10:06 a.m., Published: March 10, 2023, midnight
 Vulnerabilities: privilege escalation, information disclosure
Affected productsExternal IDs
db: NVD ids: CVE-2024-21410, CVE-2020-3259

How do I report a security vulnerability/incident for ClickShare and wePresent devices? - Barco

Trust: 3.0

Fetched: March 10, 2024, 10 a.m., Published: March 20, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: barco model: clickshare

Mitigation Instructions for CVE-2016- 20017

Related entries in the VARIoT vulnerabilities database: VAR-202210-1176

Trust: 6.75

Fetched: March 10, 2024, 10 a.m., Published: March 2, 2024, midnight
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: d-link model: dsl-2750b router
vendor: d-link model: router
vendor: d-link model: dsl-2750b
db: NVD ids: CVE-2016-20017

Pixel Update Bulletin-March 2024 | Android Open Source Project

Trust: 4.25

Fetched: March 10, 2024, 9:59 a.m., Published: March 10, 2024, midnight
 Vulnerabilities: denial of service, code execution, information disclosure
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android
db: NVD ids: CVE-2024-25985, CVE-2024-27213, CVE-2024-27220, CVE-2024-27230, CVE-2023-33090, CVE-2024-27234, CVE-2024-27207, CVE-2024-27208, CVE-2024-25993, CVE-2024-27225, CVE-2024-27223, CVE-2024-25989, CVE-2024-22010, CVE-2024-27221, CVE-2024-25990, CVE-2024-22009, CVE-2023-33078, CVE-2024-27237, CVE-2024-27226, CVE-2024-22006, CVE-2024-27236, CVE-2024-22011, CVE-2024-27210, CVE-2024-22008, CVE-2024-27235, CVE-2023-37368, CVE-2023-50806, CVE-2024-27218, CVE-2024-25988, CVE-2024-27222, CVE-2024-27209, CVE-2024-27205, CVE-2024-27233, CVE-2023-50807, CVE-2024-25986, CVE-2024-27227, CVE-2024-27212, CVE-2023-36481, CVE-2024-27219, CVE-2023-49927, CVE-2024-27224, CVE-2023-50805, CVE-2024-27211, CVE-2024-25987, CVE-2024-27206, CVE-2024-25984, CVE-2024-22007, CVE-2023-50804, CVE-2024-22005, CVE-2024-27228, CVE-2024-25991, CVE-2024-27204, CVE-2024-25992, CVE-2024-27229

Log4j Vulnerability Explained⚠️ - Wallarm

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0566, VAR-202112-2011

Trust: 4.5

Fetched: March 10, 2024, 9:59 a.m., Published: May 10, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: essential model: phone
vendor: cisco model: routers
vendor: apple model: iphone
db: NVD ids: CVE-2021-45105, CVE-2021-44228, CVE-2021-44832

Cisco Small Business 100, 300, and 500 Series Wireless Access Points Command Injection and Buffer Overflow Vulnerabilities

Related entries in the VARIoT vulnerabilities database: VAR-202403-1815

Trust: 5.75

Fetched: March 10, 2024, 9:58 a.m., Published: March 6, 2024, 4:13 p.m.
 Vulnerabilities: buffer overflow, command injection
Affected productsExternal IDs
vendor: cisco model: access points
vendor: cisco model: small business
vendor: cisco model: cisco small business
vendor: cisco model: series
db: NVD ids: CVE-2024-20336, CVE-2024-20335

About the security content of iOS 17.4 and iPadOS 17.4 - Apple Support

Trust: 4.25

Fetched: March 10, 2024, 9:57 a.m., Published: March 17, 2024, midnight
 Vulnerabilities: buffer overflow, code execution, memory corruption...
Affected productsExternal IDs
vendor: trend micro model: security
vendor: apple model: webkit
vendor: apple model: ipad air
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: ipad
vendor: trend model: security
db: NVD ids: CVE-2024-23293, CVE-2024-23242, CVE-2024-23241, CVE-2024-23252, CVE-2024-23265, CVE-2024-23255, CVE-2024-23263, CVE-2024-23250, CVE-2024-23235, CVE-2024-23243, CVE-2024-0258, CVE-2024-23262, CVE-2022-48554, CVE-2024-23254, CVE-2024-23239, CVE-2024-23256, CVE-2024-23226, CVE-2024-23296, CVE-2024-23280, CVE-2024-23240, CVE-2024-23205, CVE-2024-23288, CVE-2024-23225, CVE-2024-23278, CVE-2024-23289, CVE-2024-23284, CVE-2024-23292, CVE-2024-23297, CVE-2024-23246, CVE-2024-23259, CVE-2024-23286, CVE-2024-23231, CVE-2024-23273, CVE-2024-23264, CVE-2024-23290, CVE-2024-23287, CVE-2024-23277, CVE-2024-23220, CVE-2024-23270, CVE-2024-23291

Helmet Hack - Hackster.io

Trust: 3.0

Fetched: March 10, 2024, 9:56 a.m., Published: May 10, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs

Cisco Duo Authentication for Windows Logon and RDP Authentication Bypass Vulnerability - Cisco

Trust: 4.25

Fetched: March 10, 2024, 9:55 a.m., Published: March 6, 2024, 10:15 a.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs

ConnectWise ScreenConnect 23.9.8 security fix

Trust: 3.5

Fetched: March 10, 2024, 9:54 a.m., Published: Feb. 19, 2024, 10:37 p.m.
 Vulnerabilities: authentication bypass, path traversal
Affected productsExternal IDs
db: NVD ids: CVE-2024-1709

CVE-2021-46985 - vulnerability database | Vulners.com

Trust: 3.25

Fetched: March 10, 2024, 9:53 a.m., Published: Feb. 28, 2024, 9:15 a.m.
 Vulnerabilities: memory leak
Affected productsExternal IDs
db: NVD ids: CVE-2021-46985

iOS 17.4-Update Now Warning Issued To All iPhone Users

Trust: 4.5

Fetched: March 10, 2024, 9:52 a.m., Published: March 8, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: ipad air
vendor: apple model: iphone
vendor: apple model: watchos
vendor: apple model: ipod touch
vendor: apple model: tvos
vendor: apple model: macos
vendor: apple model: safari
vendor: apple model: ipad
db: NVD ids: CVE-2024-23225, CVE-2024-23284, CVE-2024-23239, CVE-2024-23270, CVE-2024-23263, CVE-2024-23226, CVE-2024-23296, CVE-2024-23286