Sign-up

VARIoT news about IoT security

Latest news

The news are found with our scripts for filtering search results.
Additional information about vulnerabilities, affected products and external identifiers are obtained with NLP and custom filters from found news.

The Peril of Badly Secured Network Edge Devices

Related entries in the VARIoT vulnerabilities database: VAR-202005-0696

Trust: 3.75

Fetched: May 3, 2024, 10:42 a.m., Published: May 19, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: firepower
vendor: cisco model: cisco adaptive security appliance
vendor: cisco model: network access control
vendor: cisco model: asa software
vendor: cisco model: firepower threat defense
vendor: cisco model: adaptive security appliance
db: NVD ids: CVE-2024-20359, CVE-2020-3259, CVE-2024-20353

Critical takeover vulnerabilities in 92,000 D-Link devices under active exploitation - Stella Maris Press

Related entries in the VARIoT vulnerabilities database: VAR-202404-0069, VAR-202404-0070

Trust: 4.75

Fetched: May 3, 2024, 10:38 a.m., Published: April 8, 2024, 6:56 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: d-link model: dns-325
vendor: d-link model: dns-320l
vendor: d-link model: dns-340l
vendor: d-link model: dns-327l
db: NVD ids: CVE-2024-3272, CVE-2024-3273

Government has an 'important warning' on Zoom calls - Times of India

Trust: 5.0

Fetched: May 3, 2024, 10:32 a.m., Published: April 19, 2024, 6:06 p.m.
 Vulnerabilities: cross-site scripting, denial of service
Affected productsExternal IDs
vendor: zoom model: client
db: NVD ids: CVE-2024-27242, CVE-2024-24694, CVE-2024-27247

D-Link Multiple EOL DAP Devices XSS Vulnerability (Apr 2024) - vulnerability database | Vulners.com

Trust: 5.75

Fetched: May 3, 2024, 10:29 a.m., Published: April 3, 2024, midnight
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs
vendor: d-link model: dap-2690_firmware
vendor: d-link model: dap-2660_firmware
vendor: d-link model: dap-2690
vendor: d-link model: d-link dap-2330
vendor: d-link model: dap-3662
vendor: d-link model: dap-2330
vendor: d-link model: dap-2553
vendor: d-link model: dap-2695
vendor: d-link model: dap-2695_firmware
vendor: d-link model: dap-2660
vendor: d-link model: dap-2330_firmware
vendor: d-link model: dap-3662_firmware
vendor: d-link model: dap-2553_firmware
vendor: dlink model: dap-2690_firmware
vendor: dlink model: dap-2660_firmware
vendor: dlink model: dap-2690
vendor: dlink model: d-link dap-2330
vendor: dlink model: dap-3662
vendor: dlink model: dap-2330
vendor: dlink model: dap-2553
vendor: dlink model: dap-2695
vendor: dlink model: dap-2695_firmware
vendor: dlink model: dap-2660
vendor: dlink model: dap-2330_firmware
vendor: dlink model: dap-3662_firmware
vendor: dlink model: dap-2553_firmware
db: NVD ids: CVE-2024-28436

Security flaw in top SSH client could let hackers recover cryptographic private keys | TechRadar

Trust: 3.0

Fetched: May 3, 2024, 10:28 a.m., Published: April 17, 2024, 3 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-31497

ArcaneDoor Unlocked: Tackling State-Sponsored Cyber Espionage in Network Perimeters | Qualys Security Blog

Trust: 4.5

Fetched: May 3, 2024, 10:25 a.m., Published: April 24, 2024, 10:55 p.m.
 Vulnerabilities: code execution, denial of service
Affected productsExternal IDs
vendor: cisco model: cisco adaptive security appliance
vendor: cisco model: firepower
vendor: cisco model: firepower threat defense
vendor: cisco model: firepower threat defense software
vendor: cisco model: adaptive security appliance
db: NVD ids: CVE-2024-20353317451, CVE-2024-20359, CVE-2024-20353

Learn About Compromised Password Alerts - AT&T Bill & account Customer Support

Trust: 3.25

Fetched: May 3, 2024, 10:24 a.m., Published: May 3, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Critical MikroTik RouterOS Vulnerability Exposes Over Half a Million Devices to Hacking - DigVel - Cybersecurity

Trust: 4.75

Fetched: May 3, 2024, 10:24 a.m., Published: -
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: mikrotik model: router
vendor: mikrotik model: routeros
vendor: mikrotik model: mikrotik router
vendor: mikrotik model: winbox
vendor: snort model: snort
db: NVD ids: CVE-2023-30799

Ferroelectronics Lab - Understanding and utilizing non-volatile properties of materials

Trust: 3.0

Fetched: May 3, 2024, 10:24 a.m., Published: April 9, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: squid model: squid

Weekly Digest - Issue #7 - by CyberStory.net - Cezary

Related entries in the VARIoT vulnerabilities database: VAR-202404-0070, VAR-202404-0069

Trust: 4.5

Fetched: May 3, 2024, 10:22 a.m., Published: April 15, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: series
vendor: google model: android
vendor: google model: home
vendor: d-link model: dns-325
vendor: d-link model: dns-320l
vendor: d-link model: dns-340l
vendor: d-link model: dns-327l
db: NVD ids: CVE-2023-6320, CVE-2024-3273, CVE-2023-6318, CVE-2023-6317, CVE-2024-3272, CVE-2023-6319

Critical takeover vulnerabilities in 92,000 D-Link devices under active exploitation | Ars Technica

Related entries in the VARIoT vulnerabilities database: VAR-202404-0069, VAR-202404-0070

Trust: 4.75

Fetched: May 3, 2024, 10:21 a.m., Published: April 8, 2024, 6:56 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: d-link model: dns-325
vendor: d-link model: dns-320l
vendor: d-link model: dns-340l
vendor: d-link model: dns-327l
db: NVD ids: CVE-2024-3272, CVE-2024-3273

Siemens Developing a Fix for Device that Palo Alto Firewall Vulnerability Affected - Rewterz

Trust: 5.5

Fetched: May 3, 2024, 10:14 a.m., Published: April 24, 2024, 10:57 a.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: palo model: pan-os
vendor: palo model: firewall
vendor: palo model: networks
vendor: siemens model: ruggedcom
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: firewall
vendor: palo alto networks model: networks
db: NVD ids: CVE-2024-3400

Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars - Cyber Social Hub

Related entries in the VARIoT vulnerabilities database: VAR-202404-0069, VAR-202404-0070

Trust: 3.75

Fetched: May 3, 2024, 10:13 a.m., Published: April 12, 2024, midnight
 Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-3272, CVE-2024-3273

Top 10 Software Development Trends in 2024

Trust: 4.25

Fetched: May 3, 2024, 10:11 a.m., Published: April 22, 2024, 11:16 a.m.
 Vulnerabilities: cross-site scripting, sql injection
Affected productsExternal IDs
vendor: trend model: security

Is Your Kettle Smarter Than a Hacker? A Scalable Tool for Assessing Replay Attack Vulnerabilities on Consumer IoT Devices

Trust: 3.75

Fetched: May 3, 2024, 10:11 a.m., Published: May 3, 2401, midnight
 Vulnerabilities: replay attack
Affected productsExternal IDs
vendor: sonos model: sonos

Critical D-Link Security Flaws Leaves Thousands Of These Storage Devices Vulnerable To Hacks | HotHardware

Trust: 3.5

Fetched: May 3, 2024, 10:09 a.m., Published: April 10, 2024, 2:24 p.m.
 Vulnerabilities: command injection, code execution, denial of service
Affected productsExternal IDs
vendor: d-link model: dns-325
vendor: d-link model: dns-340l
vendor: d-link model: dns-320l
vendor: d-link model: dns-327l

The Corporation's Cybersecurity Improvement - 2329 Words | Report Example

Trust: 3.75

Fetched: May 3, 2024, 10:06 a.m., Published: -
 Vulnerabilities: sql injection
Affected productsExternal IDs
vendor: apple model: mac os

pip-audit ยท PyPI

Trust: 3.5

Fetched: May 3, 2024, 10:03 a.m., Published: May 3, 2024, midnight
 Vulnerabilities: input validation vulnerability, denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2019-1010083, CVE-2018-1000656

Design Zone for Branch/WAN - Security Policy Design Guide for Cisco IOS-XE SD-WAN Devices - Cisco

Trust: 3.25

Fetched: May 3, 2024, 9:58 a.m., Published: April 26, 2024, 9:56 a.m.
 Vulnerabilities: use after free, sql injection
Affected productsExternal IDs
vendor: cisco model: cisco ios
vendor: cisco model: routers
vendor: cisco model: router
vendor: cisco model: 4351
vendor: cisco model: vedge
vendor: cisco model: advanced malware protection
vendor: cisco model: wan manager
vendor: cisco model: 4321
vendor: cisco model: intrusion prevention system
vendor: cisco model: series
vendor: cisco model: isr4331
vendor: cisco model: umbrella
vendor: cisco model: sd-wan
vendor: cisco model: ios xe
vendor: cisco model: threat response
vendor: cisco model: sd-wan solution
vendor: cisco model: cisco sd-wan
vendor: cisco model: catalyst
vendor: snort model: snort
vendor: snort.org model: snort

Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars | Hack Dojo

Trust: 3.25

Fetched: May 3, 2024, 9:58 a.m., Published: April 12, 2024, midnight
 Vulnerabilities: command injection
Affected productsExternal IDs