VARIoT latest news about IoT security

CVE-2024-20446 \| Tenable® Trust: 5.75 Fetched: Aug. 30, 2024, 9:20 a.m., Published: Aug. 28, 2024, midnight	Vulnerabilities: denial of service, process crash

Affected products

External IDs

vendor:	cisco	model:	nx-os software
vendor:	cisco	model:	nx-os
vendor:	cisco	model:	cisco nx-os

db:

NVD

ids:

CVE-2024-20446

Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager Trust: 4.5 Fetched: Aug. 30, 2024, 9:19 a.m., Published: July 18, 2024, 6:01 a.m.	Vulnerabilities: path traversal, code execution

Affected products

External IDs

vendor:	cisco	model:	asyncos
vendor:	cisco	model:	advanced malware protection
vendor:	cisco	model:	cisco asyncos
vendor:	cisco	model:	nexus
vendor:	solarwinds	model:	serv-u
vendor:	google	model:	nexus

db:

NVD

ids:

CVE-2024-28995, CVE-2022-22948, CVE-2024-34102, CVE-2024-20419, CVE-2024-20401

IoT Security: A Call to Action for Improved Vulnerability Disclosure Trust: 4.5 Fetched: Aug. 30, 2024, 9:18 a.m., Published: Aug. 11, 2024, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

huawei

model:

huawei

IoT Security: A Call to Action for Improved Vulnerability Disclosure Trust: 4.5 Fetched: Aug. 30, 2024, 9:18 a.m., Published: Aug. 11, 2024, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

huawei

model:

huawei

Vulnerability in UniFi appliances? \| Ubiquiti Community Trust: 5.25 Fetched: Aug. 30, 2024, 9:17 a.m., Published: -	Vulnerabilities: buffer overflow

Affected products

External IDs

vendor:

ubiquiti

model:

unifi

db:

NVD

ids:

CVE-2022-39046

Zero Day Initiative - CVE-2024-37079: VMware vCenter Server Integer Underflow Code Execution Vulnerability Trust: 4.25 Fetched: Aug. 30, 2024, 9:17 a.m., Published: Aug. 28, 2024, 3 p.m.	Vulnerabilities: buffer overflow, code execution, heap corruption

Affected products

External IDs

vendor:	trendmicro	model:	security
vendor:	trend	model:	security
vendor:	trend micro	model:	security

db:

NVD

ids:

CVE-2024-37079

Flaw (Computer Vulnerability) \| Cyber Glossary Trust: 3.0 Fetched: Aug. 30, 2024, 9:16 a.m., Published: Oct. 12, 2024, midnight	Vulnerabilities: buffer overflow

Affected products	External IDs

Critical Vulnerability in PHP-CGI (CVE-2024-4577) Trust: 3.75 Fetched: Aug. 30, 2024, 9:15 a.m., Published: June 6, 2024, midnight	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2024-4577

Shimano Di2 vulnerability: let’s talk about device security in sports - Riscure Trust: 3.75 Fetched: Aug. 30, 2024, 9:13 a.m., Published: Aug. 23, 2024, 10:53 a.m.	Vulnerabilities: replay attack

Affected products

External IDs

vendor:

parallels

model:

tools

Cisco NX-OS Software Command Injection Vulnerability - Cisco Trust: 5.0 Fetched: Aug. 30, 2024, 9:12 a.m., Published: Aug. 28, 2024, 11:15 a.m.	Vulnerabilities: command injection

Affected products

External IDs

vendor:	cisco	model:	nexus 1000v
vendor:	cisco	model:	nx-os
vendor:	cisco	model:	nexus 7000
vendor:	cisco	model:	series switches
vendor:	cisco	model:	1000v
vendor:	cisco	model:	series
vendor:	cisco	model:	nexus 3000
vendor:	cisco	model:	nexus 9000
vendor:	cisco	model:	nx-os software
vendor:	cisco	model:	cisco nx-os
vendor:	cisco	model:	nexus 9000 series
vendor:	cisco	model:	nexus

Cisco NX-OS Software DHCPv6 Relay Agent Denial of Service Vulnerability Trust: 4.0 Fetched: Aug. 30, 2024, 9:12 a.m., Published: Aug. 28, 2024, 3:51 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	nexus 1000v
vendor:	cisco	model:	nx-os
vendor:	cisco	model:	nexus 7000
vendor:	cisco	model:	series switches
vendor:	cisco	model:	1000v
vendor:	cisco	model:	series
vendor:	cisco	model:	nexus 3000
vendor:	cisco	model:	nexus 9000
vendor:	cisco	model:	nx-os software
vendor:	cisco	model:	cisco nx-os
vendor:	cisco	model:	nexus 9000 series
vendor:	cisco	model:	nexus

Alienware Aurora R15 AMD System BIOS \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Aug. 28, 2024, 9:37 a.m., Published: Aug. 28, 2024, 3 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

Dell OptiPlex 7450 All-In-One System BIOS \| Szczegóły sterownika \| Dell Polska Trust: 3.0 Fetched: Aug. 28, 2024, 9:36 a.m., Published: Aug. 28, 7450, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	dell	model:	bios
vendor:	dell	model:	optiplex

Dell Latitude 5350 System BIOS \| Szczegóły sterownika \| Dell Polska Trust: 3.0 Fetched: Aug. 28, 2024, 9:35 a.m., Published: Aug. 28, 5350, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	dell	model:	latitude
vendor:	dell	model:	bios

Critical Vulnerability in D-Link Devices Could Lead to Command Injection (CVE-2024-7715) \| SecurityVulnerability.io - SecuirtyVulnerability.io Trust: 6.0 Fetched: Aug. 28, 2024, 9:31 a.m., Published: -	Vulnerabilities: command injection

Affected products

External IDs

vendor:	d-link	model:	dnr-326
vendor:	d-link	model:	dnr-322l
vendor:	d-link	model:	dns-325
vendor:	d-link	model:	dns-323
vendor:	d-link	model:	dns-340l
vendor:	d-link	model:	dns-327l
vendor:	d-link	model:	dns-320lw
vendor:	d-link	model:	dns-345
vendor:	d-link	model:	dns-320
vendor:	d-link	model:	dns-320l

db:

NVD

ids:

CVE-2024-7715

Alienware Area-51m R2 System BIOS \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Aug. 28, 2024, 9:31 a.m., Published: Aug. 27, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access Trust: 4.5 Fetched: Aug. 28, 2024, 9:29 a.m., Published: Aug. 26, 2024, 2:33 p.m.	Vulnerabilities: improper access control, access control vulnerability, access control bug

Affected products

External IDs

vendor:	google	model:	nexus
vendor:	sonicwall	model:	secure mobile access
vendor:	sonicwall	model:	remote access
vendor:	sonicwall	model:	switch
vendor:	sonicwall	model:	sonicos
vendor:	sonicwall	model:	soho
vendor:	cisco	model:	nexus
vendor:	cisco	model:	soho

db:

NVD

ids:

CVE-2024-40766

Huawei EulerOS: Security Advisory for device-mapper-multipat... - vulnerability database \| Vulners.com Trust: 4.75 Fetched: Aug. 28, 2024, 9:29 a.m., Published: Aug. 22, 2024, midnight	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:

huawei

model:

huawei

db:

NVD

ids:

CVE-2022-41973, CVE-2022-41974

SonicWall pushes patch for critical vulnerability in SonicOS platform \| CyberScoop Trust: 3.75 Fetched: Aug. 28, 2024, 9:29 a.m., Published: Aug. 26, 2024, 3:58 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	sonicwall	model:	secure mobile access
vendor:	sonicwall	model:	sonicos
vendor:	sonicwall	model:	soho

db:

NVD

ids:

CVE-2024-40766

SonicWall patches critical vulnerability in several firewalls Trust: 5.0 Fetched: Aug. 28, 2024, 9:28 a.m., Published: Aug. 27, 2024, midnight	Vulnerabilities: improper access control, access control vulnerability

Affected products

External IDs

vendor:

sonicwall

model:

sonicos

db:

NVD

ids:

CVE-2024-40766

VARIoT news about IoT security