Sign-up

VARIoT news about IoT security

Latest news

The news are found with our scripts for filtering search results.
Additional information about vulnerabilities, affected products and external identifiers are obtained with NLP and custom filters from found news.

How to Fix the Top 10 Windows 10 Vulnerabilities [Infographic] | UpGuard

Trust: 4.0

Fetched: April 21, 2024, 9:33 a.m., Published: April 10, 2024, midnight
 Vulnerabilities: privilege escalation, code execution, feature bypass...
Affected productsExternal IDs
db: NVD ids: CVE-2015-0057, CVE-2015-1769, CVE-2015-5143

ESP32 IoT Devices Vulnerable to Forever-Hack - InfoQ

Trust: 3.75

Fetched: April 21, 2024, 9:31 a.m., Published: April 2, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: routers
vendor: cisco model: cisco routers
db: NVD ids: CVE-2019-17391

Pixel Update Bulletin-April 2024 | Android Open Source Project

Trust: 4.25

Fetched: April 21, 2024, 9:30 a.m., Published: April 21, 2024, midnight
 Vulnerabilities: information disclosure, code execution, denial of service
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android
db: NVD ids: CVE-2024-29749, CVE-2024-29755, CVE-2024-29743, CVE-2024-29752, CVE-2024-29750, CVE-2024-29753, CVE-2024-29757, CVE-2023-43515, CVE-2024-29782, CVE-2024-29756, CVE-2024-29738, CVE-2024-29747, CVE-2024-29754, CVE-2024-27232, CVE-2024-29745, CVE-2024-29739, CVE-2024-29740, CVE-2024-29742, CVE-2024-27231, CVE-2024-29741, CVE-2024-29783, CVE-2024-29751, CVE-2024-29746, CVE-2024-29744, CVE-2024-29748

Low-Privileged User Can Execute Arbitrary Code Remotely on Device with High Privileges (CVE-2024-2162) | SecurityVulnerability.io - SecuirtyVulnerability.io

Trust: 3.0

Fetched: April 21, 2024, 9:30 a.m., Published: April 21, 2024, midnight
 Vulnerabilities: command injection, os command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-2162

CVE-2024-0027: Permanent device denial of service due to bypassing snoozed notifications limit number

Trust: 4.0

Fetched: April 21, 2024, 9:27 a.m., Published: Feb. 4, 2024, midnight
 Vulnerabilities: resource exhaustion, denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2024-0027

Ransomware leak site reports rose by 49% in 2023, but there is good news | ZDNET

Trust: 5.5

Fetched: April 21, 2024, 9:26 a.m., Published: April 21, 2023, midnight
 Vulnerabilities: sql injection
Affected productsExternal IDs
vendor: palo alto networks model: networks
vendor: palo model: networks
db: NVD ids: CVE-2021-21974, CVE-2023-34362, CVE-2023-0669, CVE-2023-35708, CVE-2023-35036

Z-Wave End Devices Vulnerable to Stack Buffer Overflow (CVE-2023-51395) | SecurityVulnerability.io - SecuirtyVulnerability.io

Trust: 3.25

Fetched: April 21, 2024, 9:25 a.m., Published: April 21, 2024, midnight
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2023-51395

Robust IoT Security Service Scanning Features

Trust: 3.0

Fetched: April 21, 2024, 9:23 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: check point model: check point

Apple Patches Critical Zero-Day - Spiceworks

Trust: 4.75

Fetched: April 21, 2024, 9:22 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: trend model: security
vendor: apple model: webkit
vendor: apple model: tvos
vendor: apple model: macos
db: NVD ids: CVE-2024-23222

Apple Patches WebKit Zero Day, Adds Stolen Device Protection in iOS | Decipher

Trust: 4.75

Fetched: April 21, 2024, 9:22 a.m., Published: Jan. 23, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: safari
vendor: apple model: macos
vendor: apple model: iphone
db: NVD ids: CVE-2024-23222

5G Security Threat Landscape, AI and Blockchain | Wireless Personal Communications

Trust: 4.75

Fetched: April 21, 2024, 9:21 a.m., Published: Dec. 1, 2023, midnight
 Vulnerabilities: denial of service

OT and IoT Network Anomalies Raise Red Flags as Threats to Critical Infrastructure Becomes More Sophisticated

Trust: 4.5

Fetched: April 21, 2024, 9:20 a.m., Published: April 4, 2024, midnight
 Vulnerabilities: brute force attack, buffer overflow, code execution...
Affected productsExternal IDs
vendor: trend model: security

Zero-Day Exploitation of Unauthenticated Remote Code Execution Vulnerability in GlobalProtect (CVE-2024-3400) | Volexity

Trust: 4.25

Fetched: April 21, 2024, 9:17 a.m., Published: April 12, 2024, 5:02 p.m.
 Vulnerabilities: command injection, code execution, os command injection
Affected productsExternal IDs
vendor: palo model: palo alto networks globalprotect
vendor: palo model: pan-os
vendor: palo model: firewall
vendor: palo model: networks globalprotect
vendor: palo model: networks
vendor: palo alto networks model: palo alto networks globalprotect
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: firewall
vendor: palo alto networks model: networks globalprotect
vendor: palo alto networks model: networks
vendor: google model: chrome
vendor: google model: google chrome
vendor: asus model: routers
vendor: asus model: asus
db: NVD ids: CVE-2024-3400

Exploring vulnerabilities and potential risk factors of the Trezor hardware wallet. - Trezor Hardware Wallet (Official)

Trust: 3.5

Fetched: April 21, 2024, 9:16 a.m., Published: Feb. 18, 2024, 12:43 a.m.
 Vulnerabilities: code execution, information leakage, buffer overflow...
Affected productsExternal IDs
vendor: essential model: phone

Cisco Integrated Management Controller CLI Command Injection Vulnerability

Trust: 4.0

Fetched: April 21, 2024, 9:15 a.m., Published: April 19, 2024, 4:06 p.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: cisco model: integrated management controller
vendor: cisco model: series
vendor: cisco model: catalyst
vendor: cisco model: cisco integrated management controller

Guarding Against IoT Attacks: Strategies and Best Practices | Coursera

Trust: 4.5

Fetched: April 21, 2024, 9:07 a.m., Published: April 2, 2024, midnight
 Vulnerabilities: weak password
Affected productsExternal IDs
vendor: samsung model: mobile
vendor: lg electronics model: mobile
vendor: google model: google home
vendor: google model: home
vendor: google model: android

Top 6 Cloud Vulnerabilities - CrowdStrike

Trust: 3.5

Fetched: April 19, 2024, 9:09 a.m., Published: Feb. 2, 2024, 6:40 p.m.
 Vulnerabilities: sql injection, code injection, command injection
Affected productsExternal IDs

Cybersecurity: The need for data and patient safety with cardiac implantable electronic devices - PMC

Trust: 3.5

Fetched: April 19, 2024, 9:06 a.m., Published: March 19, 2021, midnight
 Vulnerabilities: resource depletion
Affected productsExternal IDs
vendor: google model: home
vendor: apple model: iphone
vendor: medtronic model: carelink programmer
vendor: medtronic model: carelink 2090

“Highly capable” hackers root corporate networks by exploiting firewall 0-day | Ars Technica

Trust: 3.5

Fetched: April 19, 2024, 9:05 a.m., Published: April 12, 2024, 8:48 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: citrix model: gateway
vendor: palo alto networks model: firewall
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: networks
vendor: palo model: firewall
vendor: palo model: pan-os
vendor: palo model: networks
db: NVD ids: CVE-2024-3400

CVE-2024-24720 - Information Disclosure Vulnerability in Innovaphone PBX Devices prior to 14r1

Trust: 4.75

Fetched: April 17, 2024, 9:29 a.m., Published: Feb. 27, 2024, 1:15 a.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs
db: NVD ids: CVE-2024-24720