Sign-up

VARIoT news about IoT security

Newest CVEs | Tenable®

Trust: 5.5

Fetched: Sept. 27, 2024, 9:26 a.m., Published: Jan. 27, 5295, midnight
 Vulnerabilities: header injection, request forgery, cross-site request forgery...
Affected productsExternal IDs
db: NVD ids: CVE-2024-8725, CVE-2024-45983, CVE-2024-41605, CVE-2024-46632, CVE-2024-47197, CVE-2024-43191, CVE-2024-30134, CVE-2024-8861, CVE-2024-31899, CVE-2024-44860, CVE-2024-9199, CVE-2024-46329, CVE-2024-7107, CVE-2024-45982, CVE-2024-4278, CVE-2024-47337, CVE-2024-37125, CVE-2024-46627, CVE-2024-46328, CVE-2024-45979, CVE-2024-46330, CVE-2024-9177, CVE-2024-45981, CVE-2024-9166, CVE-2024-47003, CVE-2024-47145, CVE-2024-46327, CVE-2024-7259, CVE-2024-7108, CVE-2024-45980, CVE-2024-8771, CVE-2024-47044, CVE-2022-4541, CVE-2024-9025, CVE-2024-9127, CVE-2024-9173, CVE-2024-8872, CVE-2024-8126, CVE-2024-39319, CVE-2024-9203, CVE-2024-45843, CVE-2024-9115, CVE-2024-9117, CVE-2024-8633, CVE-2023-46175, CVE-2024-42406, CVE-2024-9155, CVE-2024-9125, CVE-2024-9198, CVE-2024-8704

Compromised device remains vulnerable after firmware update (CVE-2022-29850) | Lexmark XC4150

Trust: 4.0

Fetched: Sept. 27, 2024, 9:26 a.m., Published: May 27, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: lexmark model: xc4150
vendor: lexmark model: lexmark
db: NVD ids: CVE-2022-29850

IoT Security: A Call to Action for Improved Vulnerability Disclosure

Trust: 4.5

Fetched: Sept. 27, 2024, 9:25 a.m., Published: Sept. 11, 2024, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: huawei model: huawei

Security Advisory | Rockwell Automation

Related entries in the VARIoT vulnerabilities database: VAR-202408-1532

Trust: 3.0

Fetched: Sept. 27, 2024, 9:24 a.m., Published: May 16, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-40620

Printer bug sends researchers into uproar, affects major Linux distros | CyberScoop

Trust: 3.5

Fetched: Sept. 27, 2024, 9:24 a.m., Published: Sept. 26, 2024, 11:42 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu
vendor: cups model: cups
db: NVD ids: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, CVE-2024-47177

Android Security Bulletin-August 2024 | Android Open Source Project

Related entries in the VARIoT vulnerabilities database: VAR-202408-1859, VAR-202408-2138

Trust: 4.25

Fetched: Sept. 27, 2024, 9:16 a.m., Published: Aug. 27, 2024, midnight
 Vulnerabilities: code execution, information disclosure, denial of service
Affected productsExternal IDs
vendor: motorola model: android
vendor: motorola model: motorola
vendor: google model: pixel
vendor: google model: android
vendor: huawei model: huawei
vendor: samsung model: mobile
vendor: samsung model: samsung
vendor: samsung model: notes
vendor: samsung model: note
db: NVD ids: CVE-2024-23355, CVE-2024-34734, CVE-2023-21351, CVE-2024-34738, CVE-2024-20082, CVE-2024-34742, CVE-2024-23356, CVE-2024-34741, CVE-2024-34731, CVE-2024-34740, CVE-2024-23353, CVE-2024-23352, CVE-2024-2937, CVE-2024-34735, CVE-2024-31333, CVE-2024-4607, CVE-2024-34737, CVE-2024-23350, CVE-2023-20971, CVE-2024-34727, CVE-2024-34739, CVE-2024-34743, CVE-2024-21481, CVE-2024-36971, CVE-2024-23357, CVE-2024-34736

10 security bugs put fuel storage tanks at risk of attacks • The Register

Trust: 4.5

Fetched: Sept. 27, 2024, 9:15 a.m., Published: -
 Vulnerabilities: cross-site scripting, os command injection, authentication bypass...
Affected productsExternal IDs
db: NVD ids: CVE-2024-43423, CVE-2024-8497, CVE-2024-41725, CVE-2024-6981, CVE-2024-43692, CVE-2024-8310, CVE-2024-45373, CVE-2024-8630, CVE-2024-45066, CVE-2024-43693

Ivanti Says ‘Critical’ Cloud Gateway Vulnerability Seeing Exploitation

Trust: 3.0

Fetched: Sept. 25, 2024, 10:04 a.m., Published: Sept. 19, 2024, 5:29 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-8190, CVE-2024-8963

Indian Govt Issues High Risk Alert For Apple iPhone, iPad And Mac Users: Update Your Devices Immediately | Times Now

Trust: 4.75

Fetched: Sept. 25, 2024, 10:04 a.m., Published: Sept. 2, 2024, midnight
 Vulnerabilities: information disclosure, cross-site scripting, privilege escalation
Affected productsExternal IDs
vendor: apple model: ipad
vendor: apple model: iphone
vendor: apple model: watchos
vendor: apple model: safari
vendor: apple model: macos
vendor: apple model: tvos

System BIOS komputerów Dell Inspiron 15 3511 i Vostro 15 3510 | Szczegóły sterownika | Dell Polska

Trust: 3.25

Fetched: Sept. 25, 2024, 10:04 a.m., Published: Sept. 10, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

Alienware x14 R2/x16 R1 System BIOS | Szczegóły sterownika | Dell Polska

Trust: 3.25

Fetched: Sept. 25, 2024, 10:03 a.m., Published: Sept. 12, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

Pentester Guide: Weak or Default Credentials | Cobalt

Trust: 5.25

Fetched: Sept. 25, 2024, 10:02 a.m., Published: -
 Vulnerabilities: default password, default credentials
Affected productsExternal IDs
vendor: google model: home
vendor: sonicwall model: remote access

Are Indian iPhone Users at Risk? Detailed Outlook

Trust: 3.0

Fetched: Sept. 25, 2024, 10:01 a.m., Published: Sept. 19, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: watchos
vendor: apple model: macos
vendor: apple model: tvos

Direct Memory Access (DMA) attacks. Risks, techniques, and mitigations in hardware hacking | Pen Test Partners

Related entries in the VARIoT vulnerabilities database: VAR-201704-0340

Trust: 4.25

Fetched: Sept. 25, 2024, 10 a.m., Published: Sept. 23, 2020, midnight
 Vulnerabilities: code execution, code injection
Affected productsExternal IDs
vendor: dell model: bios
vendor: dell model: optiplex
db: NVD ids: CVE-2016-7585

PKfail security flaw is far more extensive than initially thought | TechSpot

Trust: 3.75

Fetched: Sept. 25, 2024, 9:55 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: lenovo model: system
db: NVD ids: CVE-2024-8105

BitSight discloses zero-day vulnerabilities in ATG systems, posing major threat to critical infrastructure - Industrial Cyber

Trust: 4.25

Fetched: Sept. 25, 2024, 9:54 a.m., Published: Sept. 25, 2024, 7:16 a.m.
 Vulnerabilities: sql injection, path traversal
Affected productsExternal IDs
vendor: schneider electric model: monitor
vendor: trend model: security
vendor: schneider model: monitor

Critical Microchip Vulnerability In Advanced Software Framework

Trust: 3.75

Fetched: Sept. 25, 2024, 9:53 a.m., Published: Sept. 25, 2024, 8:16 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-7490

Security and Privacy Protection of Internet of Things Devices in 6G Networks | International Journal of System Assurance Engineering and Management

Trust: 3.5

Fetched: Sept. 25, 2024, 9:52 a.m., Published: Sept. 24, 2024, midnight
 Vulnerabilities: -

Critical CVE-2024-7490 Microchip ASF IOT Vulnerability

Trust: 3.5

Fetched: Sept. 25, 2024, 9:52 a.m., Published: Sept. 23, 2024, 1:21 p.m.
 Vulnerabilities: code execution, buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2024-7490

Exploitation of RAISECOM Gateway Devices Vulnerability CVE-2024-7120 - SANS Internet Storm Center

Trust: 4.75

Fetched: Sept. 25, 2024, 9:51 a.m., Published: April 9, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: tplink model: gateway
vendor: tplink model: routers
db: NVD ids: CVE-2024-7120