Sign-up

VARIoT news about IoT security

Mobile Security Threats in 2025: How to Protect Your Devices

Trust: 4.0

Fetched: Oct. 2, 2024, 10:56 a.m., Published: Oct. 2, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: essential model: phone

CVE-2024-45032: Industrial Edge Device Token Impersonation Vulnerability - DEC Solutions Group

Trust: 3.25

Fetched: Oct. 2, 2024, 10:55 a.m., Published: Sept. 10, 2024, 10:31 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-45032

Microsoft patches CVE-2024-38063 IPv6 RCE vulnerability • The Register

Trust: 5.75

Fetched: Oct. 2, 2024, 10:55 a.m., Published: -
 Vulnerabilities: cross-site scripting, information disclosure, feature bypass...
Affected productsExternal IDs
vendor: ahnlab model: engine
db: NVD ids: CVE-2024-38106, CVE-2024-38140, CVE-2024-38202, CVE-2024-38107, CVE-2024-38166, CVE-2024-21302, CVE-2024-38189, CVE-2024-38213, CVE-2024-38199, CVE-2024-38178, CVE-2024-38200, CVE-2024-38160, CVE-2024-38063, CVE-2024-38109, CVE-2024-38159, CVE-2024-41730, CVE-2024-38206, CVE-2024-38193

Network Vulnerabilities 101: Types and Prevention Methods | Okta

Trust: 3.0

Fetched: Oct. 2, 2024, 10:54 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs

Samsung says August 2024 security patch is critical for its devices - SamMobile

Trust: 3.0

Fetched: Oct. 2, 2024, 10:52 a.m., Published: July 19, 2024, 5:21 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: samsung

CVE-2024-47527 - Exploits & Severity - Feedly

Trust: 4.0

Fetched: Oct. 2, 2024, 10:49 a.m., Published: Oct. 1, 2024, midnight
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs
db: NVD ids: CVE-2024-47527

PKFail puts hundreds of computers and laptops at risk and renders Secure Boot useless on them

Related entries in the VARIoT vulnerabilities database: VAR-201609-0149

Trust: 3.75

Fetched: Oct. 2, 2024, 10:48 a.m., Published: July 26, 2024, 2:46 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios
db: NVD ids: CVE-2016-5247

Bluetooth Flaw: Multi-OS Takeover Risk! 🚨📱 - Impulsec

Trust: 4.5

Fetched: Oct. 2, 2024, 10:46 a.m., Published: Jan. 17, 2024, 10:54 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: macbook air
vendor: apple model: macos
vendor: apple model: iphone
vendor: apple model: macbook pro
vendor: apple model: macbook
vendor: google model: pixel
vendor: google model: android
db: NVD ids: CVE-2024-21306, CVE-2023-45866

Secure Boot is completely broken on 200+ models from 5 big device makers | Ars Technica

Trust: 3.0

Fetched: Oct. 2, 2024, 10:45 a.m., Published: July 25, 2024, 6 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

Android Developers Blog: Making security easy: How we are helping you fix vulnerabilities in your Android apps

Trust: 3.75

Fetched: Oct. 2, 2024, 10:44 a.m., Published: -
 Vulnerabilities: directory traversal
Affected productsExternal IDs
vendor: google model: android

CVE-2024-6242 - Rockwell Automation Chassis Restrictions Bypass Vulnerability in Select Logix Devices - SecAlerts

Trust: 3.0

Fetched: Oct. 2, 2024, 10:44 a.m., Published: Oct. 7, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-6242

Critical Security Bypass Vulnerability Found in Rockwell Automation ControlLogix 1756 Devices - VULNERA

Trust: 4.75

Fetched: Oct. 2, 2024, 10:43 a.m., Published: Aug. 5, 2024, 6:07 a.m.
 Vulnerabilities: security bypass
Affected productsExternal IDs
vendor: rockwell automation model: automation controllogix
vendor: rockwell automation model: controllogix controller
vendor: rockwell automation model: controllogix
vendor: rockwell model: automation controllogix
vendor: rockwell model: controllogix controller
vendor: rockwell model: controllogix
db: NVD ids: CVE-2024-6242

Cisco Smart Software Manager Flaw let Attackers Change Any User Passwords

Trust: 3.0

Fetched: Oct. 2, 2024, 10:42 a.m., Published: July 18, 2024, 3:45 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-20419

RomPager - Evaluation of Security Vulnerability - VU#561444 Expanded info on CVE-2014-9222, CVE-2014 | Digi International

Related entries in the VARIoT vulnerabilities database: VAR-201412-0434

Trust: 4.5

Fetched: Oct. 2, 2024, 10:40 a.m., Published: Oct. 2, 2014, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: digi model: anywhereusb
vendor: digi international model: anywhereusb
db: NVD ids: CVE-2014-9223, CVE-2014-9222

Potential Vulnerability: Access to Devices on Network via Teams - Microsoft Community Hub

Trust: 3.25

Fetched: Oct. 2, 2024, 10:39 a.m., Published: Aug. 26, 2024, 11:41 p.m.
 Vulnerabilities: -
Affected productsExternal IDs

CVE-2024-38112: Void Banshee Targets Windows Users Through Zombie Internet Explorer in Zero-Day Attacks | Trend Micro (US)

Trust: 4.5

Fetched: Oct. 2, 2024, 10:37 a.m., Published: July 15, 2024, midnight
 Vulnerabilities: script execution, privilege escalation, file execution...
Affected productsExternal IDs
vendor: trend model: deep security
vendor: trend model: security
vendor: trend micro model: deep security
vendor: trend micro model: security
db: NVD ids: CVE-2024-38112

Linux Kernel - Security Vulnerabilities in 2024

Trust: 4.25

Fetched: Oct. 2, 2024, 10:33 a.m., Published: Oct. 2, 2024, midnight
 Vulnerabilities: kernel crash, pointer dereference issue, kernel panic...
Affected productsExternal IDs
vendor: rockchip model: rockchip
vendor: rockchip model: kernel
db: NVD ids: CVE-2024-46775, CVE-2024-46853, CVE-2024-46767, CVE-2024-46772, CVE-2024-46829, CVE-2024-46807, CVE-2024-46844, CVE-2024-46858, CVE-2024-46813, CVE-2024-46849, CVE-2024-46773, CVE-2024-46814, CVE-2024-46840, CVE-2024-46867, CVE-2024-46847, CVE-2024-46815, CVE-2024-46843, CVE-2024-46836, CVE-2024-46736, CVE-2024-46837, CVE-2024-46810, CVE-2024-46769, CVE-2024-46761, CVE-2024-46861, CVE-2024-46868, CVE-2024-46768, CVE-2024-46818, CVE-2024-46806, CVE-2024-46771, CVE-2024-46850, CVE-2024-46833, CVE-2024-46869, CVE-2024-46803, CVE-2024-46762, CVE-2024-46811, CVE-2024-46826, CVE-2024-46779, CVE-2024-46827, CVE-2024-46860, CVE-2024-46758, CVE-2024-46834, CVE-2024-46851, CVE-2024-46856, CVE-2024-46812, CVE-2024-46808, CVE-2024-46857, CVE-2024-46846, CVE-2024-46832, CVE-2024-46804, CVE-2024-46759, CVE-2024-46764, CVE-2024-46835, CVE-2024-46855, CVE-2024-46841, CVE-2024-46735, CVE-2024-46739, CVE-2022-48945, CVE-2024-46822, CVE-2024-46763, CVE-2024-46830, CVE-2024-46852, CVE-2024-46848, CVE-2024-46820, CVE-2024-46862, CVE-2024-46824, CVE-2024-46742, CVE-2024-46854, CVE-2024-46743, CVE-2024-46865, CVE-2024-46817, CVE-2024-46776, CVE-2015-3290, CVE-2024-46838, CVE-2024-46778, CVE-2024-46741, CVE-2024-46831, CVE-2024-46866, CVE-2024-46734, CVE-2024-46738, CVE-2024-46740, CVE-2024-46828, CVE-2024-46774, CVE-2024-46809, CVE-2024-46766, CVE-2024-46770, CVE-2024-46819, CVE-2024-46805, CVE-2024-46863, CVE-2024-46845, CVE-2024-46802, CVE-2024-46760, CVE-2024-46825, CVE-2024-46765, CVE-2024-46823, CVE-2024-46859, CVE-2024-46864, CVE-2024-46737, CVE-2024-46777, CVE-2024-46842, CVE-2024-46821, CVE-2024-46816

Zero-Day Vulnerability In Arcadyan WiFi Devices Allows RCE for Root Access

Trust: 4.5

Fetched: Oct. 2, 2024, 10:31 a.m., Published: Aug. 22, 2024, 9:54 a.m.
 Vulnerabilities: command injection, command execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-41992

CVE-LLM : Automatic vulnerability evaluation in medical device industry using large language models

Trust: 3.5

Fetched: Oct. 2, 2024, 10:29 a.m., Published: Oct. 1, 2024, midnight
 Vulnerabilities: cross-site scripting, authentication bypass, sql injection...
Affected productsExternal IDs
db: NVD ids: CVE-2022-12345

27 Best Free Network IP Scanning Tools for 2024 - PrivacySavvy

Trust: 4.25

Fetched: Oct. 2, 2024, 10:27 a.m., Published: Aug. 23, 2024, 2:17 p.m.
 Vulnerabilities: sql injection
Affected productsExternal IDs
vendor: snort model: snort
vendor: cisco model: routers
vendor: wireshark model: wireshark
vendor: essential model: phone