VARIoT latest news about IoT security

Chrome update patches actively exploited zero-day vulnerability Trust: 4.75 Fetched: June 4, 2024, 9:55 a.m., Published: May 27, 2024, 9:25 a.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	google	model:	google chrome
vendor:	google	model:	chrome

db:

NVD

ids:

CVE-2024-5274

SMB and Null Sessions: Why Your Pen Test is Probably Wrong - Microsoft Community Hub Trust: 3.75 Fetched: June 4, 2024, 9:54 a.m., Published: May 21, 2024, 8:26 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

wireshark

model:

wireshark

db:

NVD

ids:

CVE-1999-0520, CVE-1999-0519

CERT-In warns users about a bug in Checkpoint gateway products Trust: 3.75 Fetched: June 4, 2024, 9:52 a.m., Published: June 4, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	google chrome
vendor:	google	model:	chrome
vendor:	check point	model:	security gateway
vendor:	check point	model:	check point
vendor:	checkpoint	model:	security gateway
vendor:	checkpoint	model:	check point

db:

NVD

ids:

CVE-2024-24919

CVE-2024-3661 Impact of TunnelVision Vulnerability Related entries in the VARIoT vulnerabilities database: VAR-202405-0458 Trust: 3.75 Fetched: June 4, 2024, 9:51 a.m., Published: May 16, 2024, 4 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	palo	model:	firewall
vendor:	palo	model:	pan-os
vendor:	palo	model:	networks
vendor:	palo alto networks	model:	firewall
vendor:	palo alto networks	model:	pan-os
vendor:	palo alto networks	model:	networks
vendor:	apple	model:	macos
vendor:	paloaltonetworks	model:	firewall
vendor:	paloaltonetworks	model:	pan-os
vendor:	paloaltonetworks	model:	networks

db:

NVD

ids:

CVE-2024-3661

Top IoT platform supply chain vulnerabilities put 100+ million devices at risk - security cameras and baby monitors under threat - SILICONFIT Trust: 6.0 Fetched: June 4, 2024, 9:51 a.m., Published: May 15, 2024, 1:36 p.m.	Vulnerabilities: buffer overflow

Affected products

External IDs

vendor:

roku

model:

roku

db:

NVD

ids:

CVE-2023-6321, CVE-2023-6322, CVE-2023-6324, CVE-2023-6323

Security Week 2422: Vulnerabilities in QNAP devices - TechBurst Magazine Trust: 4.25 Fetched: June 4, 2024, 9:50 a.m., Published: May 27, 2024, 4:12 p.m.	Vulnerabilities: memory corruption, code execution, denial of service

Affected products

External IDs

vendor:	tesla	model:	model 3
vendor:	tesla	model:	model

db:

NVD

ids:

CVE-2024-27130

CVE-2024-36955 - vulnerability database \| Vulners.com Trust: 4.25 Fetched: June 4, 2024, 9:50 a.m., Published: June 3, 2024, 2:04 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

alsa

model:

alsa

db:

NVD

ids:

CVE-2024-36955

CVE-2024-36022 drm/amdgpu: Init zone device and drm client a... - vulnerability database \| Vulners.com Trust: 4.25 Fetched: June 4, 2024, 9:49 a.m., Published: May 30, 2024, 3:03 p.m.	Vulnerabilities: kernel panic

Affected products

External IDs

db:

NVD

ids:

CVE-2024-36022

ICS Medical Advisory: Baxter Welch Allyn Connex Spot Monitor - globalregulatoryinsights Trust: 3.0 Fetched: June 4, 2024, 9:47 a.m., Published: May 30, 2024, 4:17 a.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-1275

Top 5 CVEs and Vulnerabilities of May 2024 - Strobes Trust: 4.25 Fetched: June 4, 2024, 9:46 a.m., Published: June 3, 2024, 10:46 a.m.	Vulnerabilities: cross-site scripting, code execution, authentication bypass...

Affected products

External IDs

vendor:	check point	model:	check point
vendor:	check point	model:	security gateway
vendor:	checkpoint	model:	check point
vendor:	checkpoint	model:	security gateway

db:

NVD

ids:

CVE-2024-24919, CVE-2024-4985, CVE-2024-27348, CVE-2024-4835, CVE-2024-27130

ACSC Alert for Check Points’ Quantum Security Gateway Device Vulnerability - Australian Cyber Security Magazine Trust: 3.75 Fetched: June 4, 2024, 9:46 a.m., Published: June 3, 2024, 2:09 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	check point	model:	security gateway
vendor:	check point	model:	check point
vendor:	check point	model:	quantum security gateway

db:

NVD

ids:

CVE-2024-24919

ERROR: The request could not be satisfied Trust: 3.25 Fetched: June 4, 2024, 9:45 a.m., Published: May 31, 2024, midnight	Vulnerabilities: configuration error

Affected products	External IDs

CPCI85 Central Processing/Communication Vulnerability: Command Injection Risk (CVE-2024-31485) \| SecurityVulnerability.io - SecuirtyVulnerability.io Related entries in the VARIoT vulnerabilities database: VAR-202405-0176 Trust: 3.25 Fetched: June 4, 2024, 9:39 a.m., Published: June 4, 2024, midnight	Vulnerabilities: command injection

Affected products

External IDs

db:

NVD

ids:

CVE-2024-31485

Check Point releases emergency fix after hackers target VPNs - The Hindu Trust: 3.0 Fetched: June 4, 2024, 9:38 a.m., Published: May 31, 2024, 11:03 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

check point

model:

check point

11 BEST Network Scanning Tools (2024) Trust: 4.25 Fetched: June 4, 2024, 9:35 a.m., Published: June 1, 2024, 7:16 a.m.	Vulnerabilities: injection attack, sql injection

Affected products

External IDs

vendor:	citrix	model:	licensing
vendor:	google	model:	android
vendor:	google	model:	home
vendor:	blackberry	model:	link
vendor:	blackberry	model:	blackberry
vendor:	cisco	model:	router
vendor:	cisco	model:	routers

Threats, Vulnerabilities, Exploits and Their Relationship to Risk \| F5 Labs Related entries in the VARIoT vulnerabilities database: VAR-202102-0898 Trust: 3.75 Fetched: June 4, 2024, 9:34 a.m., Published: Feb. 23, 2021, 7:55 a.m.	Vulnerabilities: sql injection

Affected products

External IDs

db:

NVD

ids:

CVE-2021-20016

Smart home vulnerabilities and how to protect against them \| Kaspersky official blog Trust: 3.25 Fetched: June 4, 2024, 9:33 a.m., Published: Jan. 4, 2050, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	home
vendor:	fibaro	model:	button

91,000 Smart LG TV Devices Vulnerable to Remote Takeover - The Cloud Consultancy Trust: 5.0 Fetched: June 4, 2024, 9:31 a.m., Published: April 9, 2024, 7:40 p.m.	Vulnerabilities: command injection

Affected products

External IDs

db:

NVD

ids:

CVE-2023-6317, CVE-2023-6320, CVE-2023-6319, CVE-2023-6318

D-Link tells customers to sunset actively exploited storage devices \| Cybersecurity Dive Related entries in the VARIoT vulnerabilities database: VAR-202404-0070 Trust: 5.5 Fetched: June 4, 2024, 9:31 a.m., Published: April 8, 2024, midnight	Vulnerabilities: arbitrary command execution, command injection, command execution...

Affected products

External IDs

vendor:	d-link	model:	dns-325
vendor:	d-link	model:	dns-340l
vendor:	d-link	model:	dns-327l
vendor:	d-link	model:	dns-320l
vendor:	barracuda	model:	barracuda

db:

NVD

ids:

CVE-2024-3273

Detect Security Vulnerability \| NetApp Documentation Trust: 3.0 Fetched: June 4, 2024, 9:31 a.m., Published: March 14, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	netapp	model:	santricity os controller
vendor:	netapp	model:	storagegrid
vendor:	netapp	model:	solidfire
vendor:	netapp	model:	element software
vendor:	netapp	model:	active iq unified manager

VARIoT news about IoT security