VARIoT latest news about IoT security

Everything you need to know about the Cleo file transfer vulnerability, including affected products, patches, and temporary mitigations \| ITPro Trust: 5.0 Fetched: Dec. 13, 2024, 9:34 a.m., Published: Dec. 12, 2024, 11:11 a.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:

zoom

model:

client

db:

NVD

ids:

CVE-2024-50623

Apple Just Patched These 20 Security Vulnerabilities With iOS 18.2 \| Lifehacker Trust: 5.5 Fetched: Dec. 13, 2024, 9:32 a.m., Published: Dec. 12, 2024, 1 p.m.	Vulnerabilities: memory corruption, code execution, process crash...

Affected products

External IDs

vendor:	apple	model:	macos
vendor:	apple	model:	watchos
vendor:	apple	model:	iphone
vendor:	apple	model:	tvos
vendor:	apple	model:	safari
vendor:	apple	model:	webkit

db:

NVD

ids:

CVE-2024-44225, CVE-2024-54500, CVE-2024-54527, CVE-2024-54485, CVE-2024-44246, CVE-2024-54510, CVE-2024-54492, CVE-2024-54526, CVE-2024-54494, CVE-2024-54514, CVE-2024-54508, CVE-2024-54505, CVE-2024-54513, CVE-2024-54501, CVE-2024-44245, CVE-2024-54479, CVE-2024-54534, CVE-2024-54486, CVE-2024-54503, CVE-2024-45490, CVE-2024-54502

China-based hacker accused of deploying malware to exploit global firewall devices - Times of Oman Trust: 3.75 Fetched: Dec. 13, 2024, 9:32 a.m., Published: Dec. 13, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

sophos

model:

firewall

db:

NVD

ids:

CVE-2020-12271

China-Based Hacker Charged for Conspiring to Develop and Deploy Malware That Exploited Tens of Thousands of Firewalls Worldwide \| Flashpoint Trust: 3.75 Fetched: Dec. 13, 2024, 9:31 a.m., Published: Dec. 11, 2024, 2:32 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

sophos

model:

firewall

db:

NVD

ids:

CVE-2020-12271

China-based hacker accused of deploying malware to exploit global firewall devices, ET CISO Trust: 3.75 Fetched: Dec. 13, 2024, 9:30 a.m., Published: Dec. 12, 2024, 6:07 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

sophos

model:

firewall

db:

NVD

ids:

CVE-2020-12271

U.S. Indicts Chinese Hacker for Exploit Targeting 81,000 Devices Trust: 3.75 Fetched: Dec. 13, 2024, 9:29 a.m., Published: Dec. 11, 2024, 12:56 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

sophos

model:

firewall

db:

NVD

ids:

CVE-2020-12271

Siemens SENTRON Powercenter 1000 \| CISA Trust: 4.75 Fetched: Dec. 13, 2024, 9:28 a.m., Published: -	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

siemens

model:

modbus tcp

db:

NVD

ids:

CVE-2024-6657

Ivanti patches high-severity vulnerabilities in CSA after exposure of critical flaws Trust: 4.0 Fetched: Dec. 13, 2024, 9:27 a.m., Published: Dec. 11, 2024, 10:16 a.m.	Vulnerabilities: authentication bypass, code execution, command injection...

Affected products

External IDs

db:

NVD

ids:

CVE-2024-39710, CVE-2024-11772, CVE-2024-11005, CVE-2024-38655, CVE-2024-39712, CVE-2024-11007, CVE-2024-11639, CVE-2024-11773, CVE-2024-38656

Access Denied Trust: 3.25 Fetched: Dec. 13, 2024, 9:26 a.m., Published: May 19, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

samsung

model:

samsung

Access Denied Trust: 3.25 Fetched: Dec. 13, 2024, 9:26 a.m., Published: May 19, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

samsung

model:

samsung

Access Denied Trust: 3.25 Fetched: Dec. 13, 2024, 9:25 a.m., Published: May 19, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

samsung

model:

samsung

Access Denied Trust: 3.25 Fetched: Dec. 13, 2024, 9:24 a.m., Published: May 19, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

samsung

model:

samsung

The Insecure IoT Cloud Strikes Again: RCE on Ruijie Cloud-Connected Devices \| Claroty Trust: 5.5 Fetched: Dec. 13, 2024, 9:22 a.m., Published: Dec. 12, 2024, midnight	Vulnerabilities: code execution, denial of service

Affected products

External IDs

vendor:

wireshark

model:

wireshark

db:

NVD

ids:

CVE-2024-52324, CVE-2024-45722

ICMP Timestamp Request Remote Date Disclosure (CVE-1999-0524) \| Retest Security Related entries in the VARIoT vulnerabilities database: VAR-199708-0008 Trust: 4.0 Fetched: Dec. 13, 2024, 9:20 a.m., Published: Dec. 12, 2024, 8:41 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

cisco

model:

cisco ios

db:

NVD

ids:

CVE-1999-0524

Cisco Adaptive Security Appliance and Firepower Threat Defense Software Dynamic Access Policies Denial of Service Vulnerability Trust: 4.0 Fetched: Dec. 13, 2024, 9:19 a.m., Published: Oct. 23, 2024, 3:57 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	firepower
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	series
vendor:	cisco	model:	firepower threat defense software
vendor:	cisco	model:	series industrial security appliances
vendor:	cisco	model:	asa software
vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	adaptive security appliance

Usługa Dell Power Manager \| Szczegóły sterownika \| Dell Polska Trust: 3.0 Fetched: Dec. 11, 2024, 10:52 a.m., Published: March 17, 2000, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	dell	model:	latitude
vendor:	dell	model:	optiplex

Citrix NetScaler devices targeted in brute force campaign \| TechTarget Trust: 4.5 Fetched: Dec. 11, 2024, 10:48 a.m., Published: Dec. 10, 2024, midnight	Vulnerabilities: memory corruption, denial of service

Affected products

External IDs

vendor:	citrix	model:	gateway
vendor:	citrix	model:	application delivery controller
vendor:	citrix	model:	netscaler adc
vendor:	citrix	model:	netscaler
vendor:	citrix	model:	netscaler gateway

db:

NVD

ids:

CVE-2024-8535, CVE-2024-8534

Cisco NX-OS (CVE-2024-20397) - How to find vulnerable systems Trust: 4.0 Fetched: Dec. 11, 2024, 10:48 a.m., Published: Dec. 7, 2024, 2:38 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	nx-os
vendor:	cisco	model:	nx-os software
vendor:	cisco	model:	series switches
vendor:	cisco	model:	mds 9000
vendor:	cisco	model:	cisco nx-os
vendor:	cisco	model:	nexus
vendor:	cisco	model:	series
vendor:	cisco	model:	mds 9000 series

db:

NVD

ids:

CVE-2024-20397

D-Link NAS Devices Under Attack: Critical Vulnerability Exploited - UNDERCODE NEWS Related entries in the VARIoT vulnerabilities database: VAR-202411-0293 Trust: 3.25 Fetched: Dec. 11, 2024, 10:48 a.m., Published: Nov. 15, 2024, 12:44 p.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-10914

Exclusions overview - Microsoft Defender for Endpoint \| Microsoft Learn Trust: 3.0 Fetched: Dec. 11, 2024, 10:47 a.m., Published: Nov. 14, 2024, midnight	Vulnerabilities: memory leak

Affected products	External IDs

VARIoT news about IoT security