Sign-up

VARIoT news about IoT security

CVE-2024-8256 - Exploits & Severity - Feedly

Trust: 3.75

Fetched: Dec. 11, 2024, 10:46 a.m., Published: Dec. 10, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: teltonika-networks model: rut240
vendor: teltonika model: rut240
db: NVD ids: CVE-2024-8256

Latest Cleo Software vulnerability: How to find impacted assets

Trust: 4.25

Fetched: Dec. 11, 2024, 10:45 a.m., Published: Dec. 10, 2024, 4:56 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-50623

December 2024 Windows 11 KB5048667 KB5048685 Patches And 1 Zero Day Vulnerabilities 71 Flaws HTMD Blog

Trust: 4.5

Fetched: Dec. 11, 2024, 10:45 a.m., Published: Dec. 10, 2024, 6:46 p.m.
 Vulnerabilities: denial of service, code execution, information disclosure
Affected productsExternal IDs
vendor: asus model: asus
db: NVD ids: CVE-2024-49138

Update Barco ClickShare CX-20: Fix vulnerability CVE-2024-53919

Trust: 3.75

Fetched: Dec. 11, 2024, 10:21 a.m., Published: Dec. 20, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: pixel
vendor: barco model: clickshare
db: NVD ids: CVE-2024-53919

iOS vuln leaves user data dangerously exposed | Computer Weekly

Trust: 3.75

Fetched: Dec. 11, 2024, 10:21 a.m., Published: Dec. 10, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: icloud
db: NVD ids: CVE-2024-44131

US Sanctions Chinese Cybersecurity Firm for Hacking 81K Firewall Devices

Trust: 3.75

Fetched: Dec. 11, 2024, 10:20 a.m., Published: Dec. 10, 2024, 7:35 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: sophos model: firewall
db: NVD ids: CVE-2020-12271

US Sanctions Chinese Cybersecurity Firm for Hacking 81K Firewall Devices

Trust: 3.75

Fetched: Dec. 11, 2024, 10:19 a.m., Published: Dec. 10, 2024, 7:35 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: sophos model: firewall
db: NVD ids: CVE-2020-12271

Introduction to Microsoft Security Copilot - DEV Community

Related entries in the VARIoT vulnerabilities database: VAR-202008-0248

Trust: 3.75

Fetched: Dec. 11, 2024, 10:18 a.m., Published: Dec. 10, 2024, 9:09 p.m.
 Vulnerabilities: command execution
Affected productsExternal IDs
db: NVD ids: CVE-2020-1472

Northern District of Indiana | China-Based Hacker Charged for Conspiring to Develop and Deploy Malware That Exploited Tens of Thousands of Firewalls Worldwide | United States Department of Justice

Trust: 3.75

Fetched: Dec. 11, 2024, 10:17 a.m., Published: Dec. 10, 2024, 8 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: sophos model: firewall
db: NVD ids: CVE-2020-12271

Jamf uncovers TCC bypass vulnerability allowing stealthy access to iCloud data - 9to5Mac

Trust: 3.5

Fetched: Dec. 11, 2024, 10:11 a.m., Published: Dec. 10, 2024, 2:44 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: icloud
db: NVD ids: CVE-2024-44131

Patch Tuesday, December 2024 Edition - Krebs on Security

Trust: 4.0

Fetched: Dec. 11, 2024, 10:11 a.m., Published: Dec. 17, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-49138, CVE-2024-49112

Now-patched macOS and iOS vulnerability allowed undetected access by bypassing data protections - SiliconANGLE

Trust: 5.75

Fetched: Dec. 11, 2024, 10:10 a.m., Published: Dec. 10, 2024, 1:28 a.m.
 Vulnerabilities: symlink attack
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: icloud
db: NVD ids: CVE-2024-44131

OpenWrt’s Attended SysUpgrade (ASU) Vulnerability Exposes Routers to Malicious Firmware Attacks - SOCRadar® Cyber Intelligence Inc.

Trust: 5.75

Fetched: Dec. 11, 2024, 10:09 a.m., Published: Dec. 10, 2024, 10:30 a.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: asus model: asus
vendor: asus model: routers
db: NVD ids: CVE-2024-54143

Technology News | TechHQ | Latest Technology News & Analysis

Trust: 4.75

Fetched: Dec. 11, 2024, 10:09 a.m., Published: Dec. 10, 2024, 11:22 a.m.
 Vulnerabilities: request forgery, command injection, authentication vulnerability...
Affected productsExternal IDs
db: NVD ids: CVE-2024-38643, CVE-2024-48861, CVE-2024-48860, CVE-2024-38644, CVE-2024-38645

Transparency, Consent and Control (TCC) Bypass Vulnerability (CVE-2024-44131)

Trust: 4.25

Fetched: Dec. 11, 2024, 10:07 a.m., Published: Dec. 12, 2024, midnight
 Vulnerabilities: path traversal, symlink attack
Affected productsExternal IDs
vendor: google model: home
vendor: apple model: macos
vendor: apple model: icloud
db: NVD ids: CVE-2024-44131

Vulnerabilities Discovered in Advantech EKI Access Points

Trust: 6.25

Fetched: Dec. 11, 2024, 10:07 a.m., Published: Dec. 15, 2024, midnight
 Vulnerabilities: cross-site scripting, command injection, denial of service...
Affected productsExternal IDs
vendor: advantech model: eki-1361
vendor: nozomi model: guardian
db: NVD ids: CVE-2024-50358, CVE-2024-50368, CVE-2024-50377, CVE-2024-50370, CVE-2024-50365, CVE-2024-50359, CVE-2024-50360, CVE-2024-50366, CVE-2024-50372, CVE-2024-50367, CVE-2024-50364, CVE-2024-50369, CVE-2024-50373, CVE-2024-50374, CVE-2024-50361, CVE-2024-50371, CVE-2024-50376, CVE-2024-50375, CVE-2024-50363, CVE-2024-50362

Office of Public Affairs | China-Based Hacker Charged for Conspiring to Develop and Deploy Malware That Exploited Tens of Thousands of Firewalls Worldwide | United States Department of Justice

Trust: 3.75

Fetched: Dec. 11, 2024, 10:06 a.m., Published: Dec. 10, 2024, 2:05 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: sophos model: firewall
db: NVD ids: CVE-2020-12271

GeoVision Devices Vulnerability Exploited by Botnet Malware - Ophtek

Trust: 3.25

Fetched: Dec. 11, 2024, 10:06 a.m., Published: Nov. 27, 2024, 5:25 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-11120

Beware of Exploitable ML Clients and "Safe" Models

Trust: 4.5

Fetched: Dec. 11, 2024, 10:05 a.m., Published: Dec. 4, 2024, 1:58 p.m.
 Vulnerabilities: directory traversal, denial of service, code execution...
Affected productsExternal IDs
db: NVD ids: CVE-2024-27132, CVE-2024-6960, CVE-2023-5245

Hacking Your Own IoT: A White Hat’s Guide to Securing Smart Devices

Trust: 4.25

Fetched: Dec. 11, 2024, 10:04 a.m., Published: Dec. 11, 2024, 2 p.m.
 Vulnerabilities: cross-site scripting, default credentials, sql injection
Affected productsExternal IDs
vendor: wireshark model: wireshark