Sign-up

VARIoT news about IoT security

Configure Microsoft Defender for Endpoint on iOS features - Microsoft Defender for Endpoint | Microsoft Learn

Trust: 3.0

Fetched: July 27, 2024, 7:43 p.m., Published: July 22, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: ipad

🎯🖥️ How ‘Anyone’ Can Fall Victim to Internet Hackers

Trust: 4.25

Fetched: July 27, 2024, 7:42 p.m., Published: -
 Vulnerabilities: denial of service, sql injection, default password
Affected productsExternal IDs
vendor: asus model: router
vendor: asus model: routers
vendor: asus model: asus
vendor: d-link model: router
vendor: d-link model: dir-859

PKfail Vulnerability Allowed Attackers To Install UEFI Malware

Trust: 3.0

Fetched: July 27, 2024, 7:42 p.m., Published: July 31, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: lenovo model: system

Vulnerabilities in PanelView Plus devices could lead to remote code execution

Related entries in the VARIoT vulnerabilities database: VAR-202309-2171

Trust: 5.5

Fetched: July 27, 2024, 7:41 p.m., Published: July 3, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: rockwell model: automation panelview plus
vendor: rockwell model: factorytalk view
vendor: rockwell model: factorytalk
vendor: rockwell model: automation panelview
vendor: rockwell model: rslogix
vendor: rockwell automation model: automation panelview plus
vendor: rockwell automation model: factorytalk view
vendor: rockwell automation model: factorytalk
vendor: rockwell automation model: automation panelview
vendor: rockwell automation model: rslogix
db: NVD ids: CVE-2023-2071

CVE - CVE-2023-36670

Trust: 4.0

Fetched: July 27, 2024, 7:41 p.m., Published: Aug. 24, 2030, midnight
 Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2023-36670

CVE - CVE-2021-23841

Related entries in the VARIoT vulnerabilities database: VAR-202102-1488

Trust: 3.25

Fetched: July 27, 2024, 7:41 p.m., Published: Aug. 24, 2030, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-23841

Are Your Bluetooth Connections Putting Your Business at Risk? - Krishna Gupta

Trust: 3.5

Fetched: July 27, 2024, 7:39 p.m., Published: July 5, 2024, 12:57 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: essential model: phone
vendor: wireshark model: wireshark

Critical OpenSSH Flaw Enables Full System Compromise - Infosecurity Magazine

Trust: 3.75

Fetched: July 27, 2024, 7:39 p.m., Published: July 1, 2024, 2 p.m.
 Vulnerabilities: memory corruption, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-6387, CVE-2008-4109, CVE-2006-5051

Reference guide for security alerts - Microsoft Defender for Cloud | Microsoft Learn

Trust: 3.0

Fetched: July 27, 2024, 7:39 p.m., Published: June 3, 2024, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs

A Vulnerability in Cisco Secure Email Gateway Could Allow for Remote Code Execution

Trust: 4.25

Fetched: July 27, 2024, 7:33 p.m., Published: July 22, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs

Cisco VPN Client Software Download (Windows 32bit - 64bit, Linux 32bit - 64bit, MacOS)

Trust: 3.0

Fetched: July 27, 2024, 7:27 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: vpn client
vendor: cisco model: cisco vpn client

Cisco Secure Web Appliance Privilege Escalation Vulnerability - Cisco

Trust: 3.0

Fetched: July 27, 2024, 7:26 p.m., Published: July 17, 2024, 11:40 a.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs

Smart Home Device Security

Trust: 4.5

Fetched: July 27, 2024, 7:24 p.m., Published: July 18, 2024, 4:37 p.m.
 Vulnerabilities: weak password
Affected productsExternal IDs
vendor: essential model: phone

Does CVE-2022-38023 have any impact to ONTAP 9? - NetApp Knowledge Base

Trust: 3.0

Fetched: July 27, 2024, 7:24 p.m., Published: Jan. 2, 2023, 12:17 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-38023

RegreSSHion Attack: Protecting Against Unpatched OpenSSH CVE

Trust: 5.0

Fetched: July 27, 2024, 7:24 p.m., Published: July 16, 2024, 7 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-6387, CVE-2008-4109, CVE-2006-5051

CVE-2024-39149 - Post-auth blind OS command injection vulnerability in NETGEAR's X6 R8000 devices

Trust: 5.5

Fetched: July 27, 2024, 7:21 p.m., Published: March 11, 2024, midnight
 Vulnerabilities: command execution, arbitrary command execution, command injection...
Affected productsExternal IDs
vendor: netgear model: r8000
db: NVD ids: CVE-2024-39149

OpenSSH Vulnerability: CVE-2024-6387 Explained

Trust: 3.0

Fetched: July 27, 2024, 7:19 p.m., Published: July 2, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-6387

Legacy Vulnerabilities in IoT: Why Updating Your Devices is Critical - Responsible Cyber

Trust: 3.75

Fetched: July 27, 2024, 7:18 p.m., Published: July 29, 2024, midnight
 Vulnerabilities: default credentials
Affected productsExternal IDs

CocoaPods Vulnerabilities Expose Apple Devices to Supply Chain Attacks - The Review Hive

Trust: 4.75

Fetched: July 27, 2024, 7:17 p.m., Published: July 8, 2024, 8:09 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2024-38366, CVE-2024-38367, CVE-2024-38368

Vulnerability in Cisco Smart Software Manager lets attackers change any user password | Ars Technica

Trust: 4.0

Fetched: July 27, 2024, 7:16 p.m., Published: July 17, 2024, 7:47 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-20419