VARIoT latest news about IoT security

Cybersecurity Vulnerabilities: Do Employees Pose a Risk? \| American Public University Trust: 3.5 Fetched: March 10, 2024, 10:31 a.m., Published: Feb. 2, 2024, 9:04 p.m.	Vulnerabilities: code injection, code execution, buffer overflow...

Affected products	External IDs

Press Trust of India: Apple's reply on device vulnerability not totally clear: MoS IT on iPhone alert to MPs Trust: 3.0 Fetched: March 10, 2024, 10:31 a.m., Published: May 10, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

iphone

Steps to fix the CVE-2024-23836 vulnerability in the Intrusion Detection System Trust: 3.0 Fetched: March 10, 2024, 10:29 a.m., Published: March 4, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-23836

Apple iOS < 16.7.6 Multiple Vulnerabilities (HT214082) \| Tenable® Trust: 3.0 Fetched: March 10, 2024, 10:29 a.m., Published: July 16, 2006, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-23257, CVE-2024-23265, CVE-2024-23263, CVE-2024-23235, CVE-2024-23262, CVE-2024-23218, CVE-2024-23204, CVE-2024-23225, CVE-2024-23278, CVE-2024-23289, CVE-2024-23284, CVE-2024-23246, CVE-2024-23259, CVE-2024-23231, CVE-2024-23286, CVE-2024-23203, CVE-2024-23264, CVE-2024-23283, CVE-2023-28826

CMC \| Free Full-Text \| IoT Smart Devices Risk Assessment Model Using Fuzzy Logic and PSO Trust: 3.5 Fetched: March 10, 2024, 10:27 a.m., Published: Feb. 27, 2024, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	trend	model:	internet security
vendor:	trend	model:	security

QNAP Alerts Users about Critical Authentication Bypass Vulnerability in NAS Devices - VULNERA Trust: 4.75 Fetched: March 10, 2024, 10:26 a.m., Published: March 8, 2024, 8:03 p.m.	Vulnerabilities: authentication bypass, command injection, sql injection

Affected products

External IDs

db:

NVD

ids:

CVE-2024-21899

Steps to fix the CVE-2024-23836 vulnerability in the Intrusion Detection System Trust: 3.0 Fetched: March 10, 2024, 10:24 a.m., Published: March 11, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-23836

cURL and libcurl Vulnerability Affecting Cisco Products: October 2023 Trust: 4.0 Fetched: March 10, 2024, 10:24 a.m., Published: March 5, 2024, 6:03 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	router
vendor:	cisco	model:	identity services engine
vendor:	cisco	model:	series routers
vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	unified contact center express
vendor:	cisco	model:	vedge 2000
vendor:	cisco	model:	routers
vendor:	cisco	model:	email security appliance
vendor:	cisco	model:	nexus
vendor:	cisco	model:	series
vendor:	cisco	model:	unified communications
vendor:	cisco	model:	hyperflex
vendor:	cisco	model:	mds 9000 series
vendor:	cisco	model:	nexus 7000
vendor:	cisco	model:	sd-wan vedge
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	series switches
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	firepower
vendor:	cisco	model:	mds 9000
vendor:	cisco	model:	vedge
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	application policy infrastructure controller
vendor:	cisco	model:	nexus 3000
vendor:	cisco	model:	vedge cloud router
vendor:	cisco	model:	sd-wan vmanage
vendor:	cisco	model:	sd-wan
vendor:	cisco	model:	nexus 9000
vendor:	cisco	model:	nexus 9000 series
vendor:	cisco	model:	vedge 1000
vendor:	cisco	model:	vedge 5000
vendor:	cisco	model:	sd-wan vedge cloud router
vendor:	cisco	model:	hyperflex system
vendor:	cisco	model:	ios xr
vendor:	cisco	model:	ios xr software
vendor:	cisco	model:	catalyst
vendor:	cisco	model:	nx-os
vendor:	cisco	model:	anyconnect secure mobility client
vendor:	cisco	model:	wan manager
vendor:	cisco	model:	vedge cloud
vendor:	cisco	model:	vedge 100

Steps to fix the CVE-2024-23836 vulnerability in the Intrusion Detection System Trust: 3.0 Fetched: March 10, 2024, 10:22 a.m., Published: March 11, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-23836

Lighting Control Breached The Security Pitfalls of Smart Bulbs Trust: 3.5 Fetched: March 10, 2024, 10:19 a.m., Published: Feb. 24, 2024, midnight	Vulnerabilities: default password

Affected products	External IDs

Apple users urged to update devices after app vulnerability found to give attackers access to data \| The Straits Times Trust: 3.0 Fetched: March 10, 2024, 10:17 a.m., Published: March 1, 2024, 10:45 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

macos

CVE-2023-42873 - Critical Vulnerability Allows Arbitrary Code Execution with Kernel Privileges Trust: 5.5 Fetched: March 10, 2024, 10:16 a.m., Published: Feb. 21, 2024, 7:15 a.m.	Vulnerabilities: code execution, improper bounds checking

Affected products

External IDs

vendor:	apple	model:	tvos
vendor:	apple	model:	macos

db:

NVD

ids:

CVE-2023-42873

Qualys CyberSecurity Asset Management Expands to Detect Unauthorized Devices Across Hybrid Environments - Enterprise Channels MEA Trust: 3.0 Fetched: March 10, 2024, 10:13 a.m., Published: Feb. 27, 2024, 5:17 a.m.	Vulnerabilities: -

Affected products	External IDs

Oracle Linux 9 : keylime (ELSA-2024-1139) - vulnerability database \| Vulners.com Trust: 3.0 Fetched: March 10, 2024, 10:12 a.m., Published: March 6, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2023-3674

CVE-2024-2352 - vulnerability database \| Vulners.com Trust: 3.0 Fetched: March 10, 2024, 10:09 a.m., Published: March 10, 2024, 2:16 a.m.	Vulnerabilities: command injection

Affected products

External IDs

db:

NVD

ids:

CVE-2024-2352

Critical Fortinet FortiOS bug CVE-2024-21762 potentially impact 150,000 internet-facing devices Trust: 4.0 Fetched: March 10, 2024, 10:07 a.m., Published: March 9, 2024, 4:15 p.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2024-21762

Wireless Security Vulnerabilities: Jamming Risks Explained Trust: 3.75 Fetched: March 10, 2024, 10:07 a.m., Published: Aug. 3, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

mesh

model:

mesh

CISA Adds Two Known Exploited Vulnerabilities to Catalog \| CISA Related entries in the VARIoT vulnerabilities database: VAR-202005-0696 Trust: 4.0 Fetched: March 10, 2024, 10:06 a.m., Published: March 10, 2023, midnight	Vulnerabilities: privilege escalation, information disclosure

Affected products

External IDs

db:

NVD

ids:

CVE-2024-21410, CVE-2020-3259

How do I report a security vulnerability/incident for ClickShare and wePresent devices? - Barco Trust: 3.0 Fetched: March 10, 2024, 10 a.m., Published: March 20, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

barco

model:

clickshare

Mitigation Instructions for CVE-2016- 20017 Related entries in the VARIoT vulnerabilities database: VAR-202210-1176 Trust: 6.75 Fetched: March 10, 2024, 10 a.m., Published: March 2, 2024, midnight	Vulnerabilities: command injection

Affected products

External IDs

vendor:	d-link	model:	dsl-2750b router
vendor:	d-link	model:	router
vendor:	d-link	model:	dsl-2750b

db:

NVD

ids:

CVE-2016-20017

VARIoT news about IoT security