Sign-up

VARIoT news about IoT security

Vulnerabilities in employee management system could lead to remote code execution, login credential theft

Trust: 5.5

Fetched: July 12, 2024, 9:31 a.m., Published: May 1, 2024, 4 p.m.
 Vulnerabilities: memory corruption, information disclosure, buffer overflow...
Affected productsExternal IDs
vendor: snort model: snort
vendor: snort.org model: snort
db: NVD ids: CVE-2024-22373, CVE-2024-25648, CVE-2023-43491, CVE-2023-51391, CVE-2024-22391, CVE-2023-45744, CVE-2023-39367, CVE-2023-45209, CVE-2024-28130, CVE-2024-25569, CVE-2024-25575, CVE-2024-25938, CVE-2023-40146

ICS hardware vulnerabilities found in TELSAT, SDG Technologies, Yokogawa, Johnson Controls equipment - Industrial Cyber

Trust: 5.5

Fetched: July 12, 2024, 9:29 a.m., Published: June 28, 2024, 5:53 p.m.
 Vulnerabilities: improper access control, authorization vulnerability, cross-site scripting...
Affected productsExternal IDs
vendor: yokogawa model: fast/tools
db: NVD ids: CVE-2024-32756, CVE-2024-32755, CVE-2024-4105, CVE-2024-32932, CVE-2024-32757, CVE-2024-4106, CVE-2024-2882

Palo Alto Networks API Exploit Causing Critical Infrastructure and Enterprise Epidemics - API Security

Trust: 5.5

Fetched: July 12, 2024, 9:28 a.m., Published: April 13, 2024, 9:57 p.m.
 Vulnerabilities: path traversal, command injection, code execution
Affected productsExternal IDs
vendor: palo alto networks model: networks
vendor: palo alto networks model: firewall
vendor: palo alto networks model: pan-os
vendor: paloaltonetworks model: networks
vendor: paloaltonetworks model: firewall
vendor: paloaltonetworks model: pan-os
vendor: palo model: networks
vendor: palo model: firewall
vendor: palo model: pan-os
db: NVD ids: CVE-2024-3400

CVE-2023-45866: A Critical Bluetooth Security Flaw - EXPLOIT | by Hacker's Dump | Medium

Trust: 4.75

Fetched: July 12, 2024, 9:27 a.m., Published: May 3, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: chromecast
vendor: google model: android
vendor: apple model: iphone
vendor: oneplus model: 3
vendor: raspberry pi model: 3
db: NVD ids: CVE-2023-45866

State-Sponsored Espionage Campaign Exploits Cisco Vulnerabilities - Infosecurity Magazine

Trust: 3.5

Fetched: July 12, 2024, 9:27 a.m., Published: April 25, 2024, 2 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: asa software
vendor: cisco model: adaptive security appliance
vendor: cisco model: cisco adaptive security appliance
vendor: trend model: security
db: NVD ids: CVE-2024-20353, CVE-2024-20359

Cyber Spies Hit Cisco Firewalls in Zero-Day Exploits | MSSP Alert

Trust: 5.5

Fetched: July 12, 2024, 9:26 a.m., Published: April 29, 2024, midnight
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
vendor: cisco model: firepower threat defense
vendor: cisco model: firepower
vendor: cisco model: adaptive security appliance
vendor: trend model: security
db: NVD ids: CVE-2024-20353, CVE-2024-20359

Thousands of internet-facing devices vulnerable to Check Point VPN zero-day

Trust: 3.75

Fetched: July 12, 2024, 9:25 a.m., Published: July 4, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: check point model: quantum security gateway
vendor: check point model: check point vpn
vendor: check point model: check point
vendor: check point model: security gateway
db: NVD ids: CVE-2024-24919

Journal of Medical Internet Research - Vulnerability to Cyberattacks and Sociotechnical Solutions for Health Care Systems: Systematic Review

Trust: 3.75

Fetched: July 12, 2024, 9:22 a.m., Published: July 12, 8493, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security

.net - Mitigating vulnerability in runtime libraries - Stack Overflow

Trust: 3.0

Fetched: July 12, 2024, 9:21 a.m., Published: July 16, 2059, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-38095, CVE-2024-30105

Cybersecurity Vulnerabilities in Implantable Medical Devices

Trust: 4.5

Fetched: July 12, 2024, 9:20 a.m., Published: July 11, 2024, 3:39 p.m.
 Vulnerabilities: session hijacking, default credentials
Affected productsExternal IDs
vendor: trend model: security
db: NVD ids: CVE-2023-31222

Data breaches to Palo Alto GlobalProtect products - requires immediate action | NCSC-FI

Trust: 3.0

Fetched: July 12, 2024, 9:18 a.m., Published: Jan. 12, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-3400

The Looming Threat of Unsecured IoT Devices: A Deep Dive

Trust: 3.75

Fetched: July 12, 2024, 9:17 a.m., Published: -
 Vulnerabilities: code injection, denial of service
Affected productsExternal IDs

CVE - CVE-2009-2512

Trust: 3.25

Fetched: July 10, 2024, 10:07 a.m., Published: Aug. 24, 2030, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2009-2512

Only one critical issue disclosed as part of Microsoft Patch Tuesday

Trust: 5.25

Fetched: July 10, 2024, 10:07 a.m., Published: June 11, 2024, 5:46 p.m.
 Vulnerabilities: code execution, denial of service
Affected productsExternal IDs
vendor: snort.org model: snort
vendor: snort model: snort
db: NVD ids: CVE-2024-30090, CVE-2024-35250, CVE-2024-35254, CVE-2024-30078, CVE-2024-30063, CVE-2024-30087, CVE-2024-30088, CVE-2024-30089, CVE-2024-30084, CVE-2024-30082, CVE-2024-30080, CVE-2024-30068, CVE-2024-30091, CVE-2024-30099, CVE-2024-30077, CVE-2024-30103, CVE-2024-30064

Analyzing session token generation with Burp Suite - PortSwigger

Trust: 3.0

Fetched: July 10, 2024, 10:06 a.m., Published: July 1, 2024, midnight
 Vulnerabilities: session hijacking
Affected productsExternal IDs

Critical Vulnerability Found in Popular Python Library - Hackerdose

Trust: 4.0

Fetched: July 10, 2024, 10:05 a.m., Published: June 23, 2024, 9 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-28397

How Do Hackers Target IoT Devices?

Trust: 3.25

Fetched: July 10, 2024, 10 a.m., Published: June 23, 2024, 5:09 p.m.
 Vulnerabilities: default password, weak password
Affected productsExternal IDs

CVE - Search Results

Related entries in the VARIoT vulnerabilities database: VAR-202202-1707, VAR-201311-0359

Trust: 4.5

Fetched: July 10, 2024, 9:56 a.m., Published: Aug. 24, 2030, midnight
 Vulnerabilities: information leak, code injection, denial of service...
Affected productsExternal IDs
vendor: canary model: canary
db: NVD ids: CVE-2024-35917, CVE-2024-26969, CVE-2022-25265, CVE-2023-4039, CVE-2021-46195, CVE-2021-3115, CVE-2020-15567, CVE-2012-3509, CVE-2009-1894, CVE-2020-29573, CVE-2014-5044, CVE-2021-47519, CVE-2006-1902, CVE-2024-27413, CVE-2006-0742, CVE-2013-4598, CVE-2000-1219, CVE-2020-25603, CVE-2014-0892, CVE-2024-26970, CVE-2017-11671, CVE-2014-9799, CVE-2002-2439, CVE-2019-15847, CVE-2013-6885, CVE-2023-52748, CVE-2018-12886, CVE-2020-28367, CVE-2008-1367, CVE-2009-1897, CVE-2024-26971, CVE-2024-39291, CVE-2016-7042, CVE-2010-3192, CVE-2008-1685, CVE-1999-1439, CVE-2006-1542, CVE-2018-11319, CVE-2024-26968, CVE-2016-4973, CVE-2010-2195, CVE-2008-4957, CVE-2019-19602, CVE-2018-6574, CVE-2021-47553, CVE-2021-37322, CVE-2015-5276, CVE-2024-26759, CVE-2022-27943, CVE-2006-3619

CVE - Search Results

Related entries in the VARIoT vulnerabilities database: VAR-201810-0329

Trust: 5.5

Fetched: July 10, 2024, 9:56 a.m., Published: Aug. 24, 2030, midnight
 Vulnerabilities: memory allocation vulnerability, denial of service, code execution...
Affected productsExternal IDs
vendor: netapp model: data ontap
vendor: netapp model: clustered data ontap
vendor: snort model: snort
vendor: cisco model: firepower system
vendor: cisco model: firepower system software
vendor: cisco model: cisco firepower system software
vendor: cisco model: firepower
db: NVD ids: CVE-2019-0630, CVE-2018-0455, CVE-2018-11338, CVE-2009-3676, CVE-2010-2551, CVE-2011-1268, CVE-2018-14607, CVE-2009-2532, CVE-2010-0477, CVE-2010-0270, CVE-2010-2552, CVE-2009-3103, CVE-2011-0660, CVE-2010-0021, CVE-2019-0633, CVE-2018-5490, CVE-2009-2526, CVE-2018-0833, CVE-2018-8444, CVE-2007-5351, CVE-2011-1267, CVE-2010-0269, CVE-2017-0016, CVE-2011-0661, CVE-2010-0476

5 Best 5GHz Wireless Routers 2024 - Wireless Wifi Routers with 5g - Her Style Code

Trust: 3.5

Fetched: July 10, 2024, 9:55 a.m., Published: Aug. 1, 2019, 11:13 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: tp-link model: ac1750
vendor: tp-link model: routers
vendor: asus model: asus
vendor: asus model: router
vendor: asus model: wireless routers
vendor: asus model: routers
vendor: netgear model: router
vendor: netgear model: r7800
vendor: netgear model: r7000
vendor: netgear model: netgear router
vendor: netgear model: ac2600
vendor: google model: home
vendor: google model: wifi
vendor: google model: wifi router