Sign-up

VARIoT news about IoT security

Cisco IOS XE Software SD-Access Fabric Edge Node Denial of Service Vulnerability

Trust: 4.0

Fetched: April 30, 2024, 9:06 a.m., Published: March 27, 2024, 3:55 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: ios xe
vendor: cisco model: cisco ios xe
vendor: cisco model: cisco ios
vendor: cisco model: ios xe software

The Top Ten IoT Vulnerabilities | Infosec

Trust: 3.5

Fetched: April 30, 2024, 9:06 a.m., Published: April 26, 2024, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs

"Critical Vulnerability Allows Access to QNAP NAS Devices" | Science of Security Virtual Organization

Trust: 5.5

Fetched: April 28, 2024, 9:23 a.m., Published: April 9, 2024, midnight
 Vulnerabilities: command execution, authentication issue, code injection
Affected productsExternal IDs
vendor: qnap model: photo station
vendor: qnap systems model: photo station
db: NVD ids: CVE-2024-21901, CVE-2024-21900, CVE-2024-21899

Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution

Trust: 5.25

Fetched: April 28, 2024, 9:23 a.m., Published: March 5, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: android

CVE-2024-3273: D-Link NAS Vulnerability Threatens 92,000 Devices | CTF导航

Related entries in the VARIoT vulnerabilities database: VAR-202404-0070

Trust: 4.75

Fetched: April 28, 2024, 9:22 a.m., Published: April 7, 2024, midnight
 Vulnerabilities: command execution, command injection, denial of service
Affected productsExternal IDs
vendor: d-link model: dns-340l
vendor: d-link model: dns-325
vendor: d-link model: dns-320l
vendor: d-link model: dns-327l
db: NVD ids: CVE-2024-3273

Lenovo Devices Vulnerable to Authentication Bypass Attacks (CVE-2024-23592) | SecurityVulnerability.io - SecuirtyVulnerability.io

Trust: 4.25

Fetched: April 28, 2024, 9:20 a.m., Published: April 28, 2024, midnight
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2024-23592

Vulnerability Assessment and Risk Modeling of IoT Smart Home Devices | SpringerLink

Trust: 3.75

Fetched: April 28, 2024, 9:19 a.m., Published: April 28, 2024, midnight
 Vulnerabilities: -

CVE-2024-0029 -Unauthorized Screen Capture Vulnerability Risking Local Escalation of Privilege on Device Policy Controlled Systems

Trust: 3.0

Fetched: April 28, 2024, 9:17 a.m., Published: Feb. 16, 2024, 2:15 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-0029

Cisco IOS and IOS XE Software Vulnerability Could Lead to Device Reload and Denial of Service (CVE-2024-20311) | SecurityVulnerability.io - SecuirtyVulnerability.io

Trust: 5.0

Fetched: April 28, 2024, 9:11 a.m., Published: April 28, 2024, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: ios xe software
vendor: cisco model: ios xe
vendor: cisco model: cisco ios
db: NVD ids: CVE-2024-20311

Detecting Devices Vulnerable to Palo Alto Networks OS Command Injection Vulnerability CVE-2024-3400 | CIP Blog

Trust: 5.5

Fetched: April 28, 2024, 9:10 a.m., Published: April 25, 2024, 8 p.m.
 Vulnerabilities: os command injection, command injection, command execution...
Affected productsExternal IDs
vendor: palo alto networks model: networks
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: networks globalprotect
vendor: palo alto networks model: firewall
vendor: palo alto networks model: palo alto networks globalprotect
vendor: palo model: networks
vendor: palo model: pan-os
vendor: palo model: networks globalprotect
vendor: palo model: firewall
vendor: palo model: palo alto networks globalprotect
db: NVD ids: CVE-2024-1709, CVE-2024-3400

CERT-EU - Vulnerabilities in Cisco ASA and FTD Software

Trust: 4.5

Fetched: April 28, 2024, 9:08 a.m., Published: -
 Vulnerabilities: improper validation
Affected productsExternal IDs
vendor: cisco model: cisco adaptive security appliance
vendor: cisco model: firepower threat defense
vendor: cisco model: firepower
vendor: cisco model: asdm
vendor: cisco model: asa software
vendor: cisco model: adaptive security appliance
db: NVD ids: CVE-2024-20359, CVE-2024-20358, CVE-2024-20353

Security Vulnerabilities in Hikvision NVR Devices - Security Advisory - Hikvision

Trust: 4.0

Fetched: April 26, 2024, 9:09 a.m., Published: April 2, 2024, midnight
 Vulnerabilities: pointer dereference vulnerability, command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-29948, CVE-2024-29947, CVE-2024-29949

Cisco Adaptive Security Appliance and Firepower Threat Defense Software Web Services Denial of Service Vulnerability

Trust: 5.0

Fetched: April 26, 2024, 9:09 a.m., Published: April 24, 2024, 3:55 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: cisco adaptive security appliance
vendor: cisco model: firepower threat defense
vendor: cisco model: firepower management center
vendor: cisco model: firepower
vendor: cisco model: cisco firepower management center
vendor: cisco model: adaptive security appliance
vendor: cisco model: firepower threat defense software
vendor: cisco model: asa software

Cisco Releases Security Updates Addressing ArcaneDoor, Vulnerabilities in Cisco Firewall Platforms | CISA

Trust: 3.75

Fetched: April 26, 2024, 9:08 a.m., Published: April 26, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: firepower
vendor: cisco model: firepower threat defense
db: NVD ids: CVE-2024-20359, CVE-2024-20353, CVE-2024-20358

Exploitation of vulnerabilities affecting Cisco Firewall... - NCSC.GOV.UK

Trust: 5.0

Fetched: April 26, 2024, 9:08 a.m., Published: -
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: cisco adaptive security appliance
vendor: cisco model: firepower
vendor: cisco model: adaptive security appliance
vendor: cisco model: asa software
vendor: cisco model: firepower threat defense
db: NVD ids: CVE-2024-20359, CVE-2024-20353, CVE-2024-20358

LACNIC Blog | A Persistent Threat: Critical Vulnerability in Network Devices

Trust: 3.75

Fetched: April 26, 2024, 9:07 a.m., Published: April 25, 2024, 1:55 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: cisco ios
vendor: cisco model: ios xe
vendor: cisco model: ios xe software
vendor: cisco model: cisco ios xe
db: NVD ids: CVE-2023-20273, CVE-2023-20198

Revoking vulnerable Windows boot managers | Windows IT Pro blog

Trust: 3.0

Fetched: April 26, 2024, 9:06 a.m., Published: April 26, 2024, 7:13 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-21894, CVE-2023-24932

Nation-state hackers exploit Cisco firewall 0-days to backdoor government networks | Ars Technica

Trust: 3.75

Fetched: April 26, 2024, 9:06 a.m., Published: April 24, 2024, 8:55 p.m.
 Vulnerabilities: improper validation, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-20359, CVE-2024-20353

More on the PAN-OS CVE-2024-3400

Trust: 5.25

Fetched: April 24, 2024, 9:22 a.m., Published: April 19, 2024, 1:24 p.m.
 Vulnerabilities: command injection, command execution
Affected productsExternal IDs
vendor: palo model: firewall
vendor: palo model: pan-os
vendor: palo model: networks
vendor: palo alto networks model: firewall
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: networks
vendor: paloaltonetworks model: firewall
vendor: paloaltonetworks model: pan-os
vendor: paloaltonetworks model: networks
db: NVD ids: CVE-2024-3400

Security Vulnerabilities in Hikvision NVR Devices - Poradnik dotyczący zabezpieczeń - Hikvision

Trust: 5.0

Fetched: April 24, 2024, 9:22 a.m., Published: April 2, 2024, midnight
 Vulnerabilities: command injection, pointer dereference vulnerability
Affected productsExternal IDs
db: NVD ids: CVE-2024-29948, CVE-2024-29949, CVE-2024-29947