Sign-up

VARIoT news about IoT security

What Is the Difference Between Smart Home and Automation? - ByRetreat

Trust: 3.5

Fetched: Feb. 21, 2024, 9:50 a.m., Published: Jan. 27, 2024, 7:54 p.m.
 Vulnerabilities: default credentials
Affected productsExternal IDs

Zyxel security advisory for multiple vulnerabilities in firewalls and APs | Zyxel Networks

Trust: 4.5

Fetched: Feb. 21, 2024, 9:50 a.m., Published: Feb. 7, 2024, midnight
 Vulnerabilities: code execution, command injection, pointer dereference vulnerability...
Affected productsExternal IDs
db: NVD ids: CVE-2023-6398, CVE-2023-6399, CVE-2023-6397, CVE-2023-6764

Fuzzing IoT Devices via Android App Interfaces with Large Language Model | SpringerLink

Trust: 3.0

Fetched: Feb. 21, 2024, 9:49 a.m., Published: Feb. 21, 2024, midnight
 Vulnerabilities: -

APT37 deploys RokRAT in campaign targeting North Korea experts

Trust: 3.5

Fetched: Feb. 21, 2024, 9:49 a.m., Published: Feb. 3, 2024, midnight
 Vulnerabilities: privilege escalation, request forgery
Affected productsExternal IDs
db: NVD ids: CVE-2024-21888, CVE-2023-46805, CVE-2024-21887, CVE-2024-21893

Nexus Podcast: Team82 Answers More of your Cybersecurity Research Questions | Nexus

Trust: 4.75

Fetched: Feb. 21, 2024, 9:47 a.m., Published: Feb. 2, 2024, midnight
 Vulnerabilities: default password
Affected productsExternal IDs
vendor: trend model: security

New WiFi vulnerabilities open home, enterprise networks to attack

Trust: 4.25

Fetched: Feb. 21, 2024, 9:46 a.m., Published: Feb. 19, 2024, noon
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2023-52160, CVE-2023-52161

New Critical Vulnerability Discovered in Fortinet FortiGate Firewalls

Trust: 4.0

Fetched: Feb. 21, 2024, 9:41 a.m., Published: Feb. 3, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2024-23113

Ultimate Checklist: Crypto Wallet Security Practices (2024 Update

Trust: 3.75

Fetched: Feb. 21, 2024, 9:40 a.m., Published: Feb. 2, 2024, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: essential model: phone

Urgent patches available for QNAP vulnerabilities, one 0-day • The Register

Trust: 5.25

Fetched: Feb. 21, 2024, 9:39 a.m., Published: -
 Vulnerabilities: code execution, command injection, command execution...
Affected productsExternal IDs
vendor: palo alto networks model: networks
vendor: palo model: networks
db: NVD ids: CVE-2023-50358, CVE-2023-47218

Small Business Cyber Security Tips: Understanding the Basics

Trust: 3.0

Fetched: Feb. 21, 2024, 9:27 a.m., Published: April 19, 2023, 8:11 a.m.
 Vulnerabilities: -
Affected productsExternal IDs

IoT Botnet Report 2021: Malware and Vulnerabilities Targeted - CUJO AI

Related entries in the VARIoT vulnerabilities database: VAR-201905-0651, VAR-201805-0263, VAR-201802-0135, VAR-202104-0769, VAR-202003-0363, VAR-201805-0262, VAR-201505-0274, VAR-201803-1048, VAR-201612-0015, VAR-201502-0201, VAR-202104-0768

Trust: 5.25

Fetched: Feb. 21, 2024, 9:25 a.m., Published: Dec. 17, 2021, 11:57 a.m.
 Vulnerabilities: command injection, memory corruption, remote command injection...
Affected productsExternal IDs
vendor: huawei model: huawei
vendor: huawei model: hg532
vendor: buffalo model: router
vendor: d-link model: router
vendor: d-link model: dsl-2750b
vendor: realtek model: realtek sdk
vendor: comtrend model: vr-3033
vendor: vacron model: vacron nvr
vendor: netgear model: router
vendor: dlink model: router
vendor: dlink model: dsl-2750b
db: NVD ids: CVE-2017-18368, CVE-2018-10562, CVE-2014-3206, CVE-2020-8958, CVE-2018-20062, CVE-2021-20091, CVE-2020-10173, CVE-2018-10561, CVE-2021-35395, CVE-2014-8361, CVE-2017-17215, CVE-2016-6277, CVE-2015-2051, CVE-2021-20090

AnyDesk confirms server breach, urging password reset

Trust: 4.5

Fetched: Feb. 21, 2024, 9:23 a.m., Published: Feb. 3, 2024, midnight
 Vulnerabilities: security bypass, cross-site request forgery, request forgery
Affected productsExternal IDs
vendor: cisco model: telepresence video communication server
vendor: cisco model: expressway
vendor: cisco model: series
vendor: cisco model: telepresence
vendor: cisco model: cisco expressway
vendor: cisco model: cisco telepresence video communication server
vendor: cisco model: expressway series
vendor: cisco model: cisco telepresence
db: NVD ids: CVE-2024-23832, CVE-2024-20255, CVE-2024-20254, CVE-2023-36025, CVE-2024-20252

Incorrect Access Control Vulnerability Discovered in WyreStorm's Apollo VX20 Device: What You Need to Know and Do

Trust: 5.0

Fetched: Feb. 21, 2024, 9:21 a.m., Published: Feb. 1, 2024, midnight
 Vulnerabilities: access control vulnerability
Affected productsExternal IDs
db: NVD ids: CVE-2024-25735

Security Vulnerability: CVE-2023-48795 SSH prefix truncation attack (aka Terrapin Attack) | Support | SUSE

Trust: 3.75

Fetched: Feb. 21, 2024, 9:20 a.m., Published: Feb. 24, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: proftpd model: proftpd
db: NVD ids: CVE-2023-48795

The Ten Most Critical Wireless and Mobile Security Vulnerabilities - Help Net Security

Trust: 3.5

Fetched: Feb. 20, 2024, 9:34 a.m., Published: June 29, 2006, 12:28 a.m.
 Vulnerabilities: system crash, denial of service
Affected productsExternal IDs

Security flaws put billions of Bluetooth phones, devices at risk | ZDNET

Trust: 5.5

Fetched: Feb. 20, 2024, 9:33 a.m., Published: Feb. 3, 2024, midnight
 Vulnerabilities: information leak, code execution, memory corruption
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: watch
vendor: samsung model: mobile
vendor: samsung model: galaxy
vendor: samsung model: gear s3
vendor: samsung model: samsung galaxy
vendor: google model: android
vendor: google model: pixel
vendor: blackberry model: blackberry

NPort 5100A Series Serial Device Servers Vulnerability

Trust: 3.0

Fetched: Feb. 20, 2024, 9:33 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: moxa model: nport 5100a series
vendor: moxa model: nport 5100a series firmware
vendor: moxa model: nport 5100a
vendor: moxa model: nport

Hello Authentication Vulnerabilities Discovered: Stay Safe - Security Boulevard

Trust: 3.75

Fetched: Feb. 20, 2024, 9:29 a.m., Published: Dec. 6, 2023, 7 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: lenovo model: thinkpad
db: NVD ids: CVE-2021-34466

Critical RCE Vulnerabilities in Atlassian Products: CVE-2022-1471, CVE-2023-22522, CVE-2023-22524, and CVE-2023-22523 - SOCRadar® Cyber Intelligence Inc.

Trust: 4.0

Fetched: Feb. 20, 2024, 9:28 a.m., Published: Dec. 6, 2023, 10:47 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2023-22523, CVE-2023-22524, CVE-2023-22522, CVE-2022-1471

Delta Electronics InfraSuite Device Master - vulnerability database | Vulners.com

Trust: 5.25

Fetched: Feb. 20, 2024, 9:27 a.m., Published: Nov. 28, 2023, noon
 Vulnerabilities: code execution, path traversal
Affected productsExternal IDs
vendor: trend micro model: security
vendor: trend model: security
db: NVD ids: CVE-2023-39226, CVE-2023-46690, CVE-2023-47279, CVE-2023-47207