VARIoT latest news about IoT security

Writing a Cybersecurity Report Executive Summary (inc. Examples) \| UpGuard Trust: 3.75 Fetched: Nov. 26, 2024, 10:08 a.m., Published: -	Vulnerabilities: privilege escalation

Affected products	External IDs

Machine Learning-Based Methodologies for Cyber-Attacks and Network Traffic Monitoring: A Review and Insights Trust: 3.25 Fetched: Nov. 26, 2024, 10:06 a.m., Published: Nov. 20, 2024, midnight	Vulnerabilities: sql injection, command injection, denial of service

Affected products	External IDs

Volatile Memory Explained - Blue Goat Cyber Trust: 3.75 Fetched: Nov. 26, 2024, 10:05 a.m., Published: Feb. 24, 2024, 2:10 p.m.	Vulnerabilities: system crash

Affected products

External IDs

vendor:

dram

model:

dram

Feature Spotlight - Using IP Fabric to Protect Against Network Vulnerabilities - IP Fabric Trust: 4.0 Fetched: Nov. 26, 2024, 10:05 a.m., Published: Nov. 22, 2024, 1:28 p.m.	Vulnerabilities: command injection

Affected products

External IDs

vendor:

palo

model:

networks

Vulnerability Recap 11/4/24: Microsoft, Google, Rockwell Related entries in the VARIoT vulnerabilities database: VAR-202410-3402 Trust: 4.25 Fetched: Nov. 26, 2024, 10:05 a.m., Published: Nov. 4, 2024, 9:26 p.m.	Vulnerabilities: code execution, buffer overflow

Affected products

External IDs

vendor:	rockwell	model:	factorytalk
vendor:	mitsubishi electric	model:	mx component
vendor:	mitsubishi	model:	mx component
vendor:	rockwell automation	model:	factorytalk

db:

NVD

ids:

CVE-2023-6943, CVE-2024-10386

Over 900,000 DrayTek Routers Still at Risk One Month After Critical Vulnerability Disclosure \| CIP Blog Related entries in the VARIoT vulnerabilities database: VAR-202410-3635 Trust: 4.75 Fetched: Nov. 26, 2024, 10:03 a.m., Published: Oct. 31, 2024, 8 p.m.	Vulnerabilities: buffer overflow

Affected products

External IDs

vendor:	draytek	model:	draytek routers
vendor:	draytek	model:	vigor
vendor:	draytek	model:	routers

db:

NVD

ids:

CVE-2024-41592, CVE-2024-41585

Android 15 users beware, govt has issues a high risk warning and you should not ignore it - India Today Trust: 4.0 Fetched: Nov. 26, 2024, 9:36 a.m., Published: Nov. 26, 2024, 6:08 a.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

google

model:

android

Government issues urgent warning for Apple users: Critical vulnerabilities found in iPhones, Macs, and Safari \| Tech News Trust: 5.75 Fetched: Nov. 26, 2024, 9:35 a.m., Published: Nov. 25, 2024, 7:25 a.m.	Vulnerabilities: denial of service, cross-site scripting

Affected products

External IDs

vendor:	apple	model:	webkit
vendor:	apple	model:	macos
vendor:	apple	model:	safari

db:

NVD

ids:

CVE-2024-44309, CVE-2024-44308

Topic: “Connected to device. Can’t provide internet.” @ AskWoody Trust: 3.25 Fetched: Nov. 26, 2024, 9:33 a.m., Published: Nov. 2, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

d-link

model:

router

D-Link won't patch its older VPN routers, leaving critical vulnerability unaddressed \| TechSpot Trust: 4.75 Fetched: Nov. 26, 2024, 9:32 a.m., Published: Nov. 11, 2024, midnight	Vulnerabilities: buffer overflow, code execution, command injection

Affected products

External IDs

vendor:	d-link	model:	router
vendor:	d-link	model:	dsr-150n
vendor:	d-link	model:	dsr-500n
vendor:	d-link	model:	dsr-150
vendor:	d-link	model:	dsr-250
vendor:	d-link	model:	dsr-250n
vendor:	d-link	model:	dsr-1000n

Malware exploits Avast driver vulnerability to terminate security processes Trust: 3.75 Fetched: Nov. 26, 2024, 9:32 a.m., Published: Nov. 25, 2024, 11:04 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	trend micro	model:	security
vendor:	trend micro	model:	antivirus
vendor:	blackberry	model:	blackberry
vendor:	symantec	model:	antivirus
vendor:	trend	model:	security
vendor:	trend	model:	antivirus
vendor:	avast	model:	antivirus

db:

NVD

ids:

CVE-2022-26522, CVE-2022-26523

Apple iPhone, iPad, And Mac Users at Risk: CERT-In Issues High Severity Security Warning - Tech Trust: 5.5 Fetched: Nov. 26, 2024, 9:31 a.m., Published: Nov. 25, 2024, 7:13 a.m.	Vulnerabilities: code execution, cross-site scripting

Affected products

External IDs

vendor:	apple	model:	webkit
vendor:	apple	model:	macos
vendor:	apple	model:	iphone
vendor:	apple	model:	safari
vendor:	apple	model:	ipad

db:

NVD

ids:

CVE-2024-44309, CVE-2024-44308

'High risk' for Apple iPhone, iPad, Mac users, government warns - Hindustan Times Trust: 4.5 Fetched: Nov. 26, 2024, 9:30 a.m., Published: Nov. 25, 2024, 6:34 a.m.	Vulnerabilities: code execution, denial of service, cross-site scripting

Affected products

External IDs

vendor:	apple	model:	webkit
vendor:	apple	model:	macos
vendor:	apple	model:	iphone
vendor:	apple	model:	safari
vendor:	apple	model:	ipad

CERT-In issues major warning for iPhone, iPad and Mac users: Here's how to keep your device safe Trust: 4.75 Fetched: Nov. 26, 2024, 9:30 a.m., Published: Nov. 25, 2024, 6:21 a.m.	Vulnerabilities: cross-site scripting

Affected products

External IDs

vendor:	apple	model:	webkit
vendor:	apple	model:	macos
vendor:	apple	model:	iphone
vendor:	apple	model:	safari
vendor:	apple	model:	ipad

db:

NVD

ids:

CVE-2024-44309, CVE-2024-44308

Android 15 users beware, govt has issues a high risk warning and you should not ignore it - India Today Trust: 4.0 Fetched: Nov. 26, 2024, 9:29 a.m., Published: Nov. 26, 2024, 6:08 a.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

google

model:

android

CERT-In Issues Critical Security Alert for Apple Users: Update Your Devices Now Trust: 4.75 Fetched: Nov. 26, 2024, 9:28 a.m., Published: Nov. 25, 2024, 1:51 p.m.	Vulnerabilities: cross-site scripting

Affected products

External IDs

vendor:	apple	model:	webkit
vendor:	apple	model:	macos
vendor:	apple	model:	safari

db:

NVD

ids:

CVE-2024-44309, CVE-2024-44308

2000 Un-Patched Palo Alto Firewalls Exploited Via PAN-OS Vulnerabilities Trust: 4.5 Fetched: Nov. 26, 2024, 9:27 a.m., Published: Nov. 25, 2024, 9 a.m.	Vulnerabilities: authentication bypass, command execution, privilege escalation

Affected products

External IDs

vendor:	palo alto networks	model:	firewall
vendor:	palo alto networks	model:	pan-os
vendor:	palo alto networks	model:	networks
vendor:	palo	model:	firewall
vendor:	palo	model:	pan-os
vendor:	palo	model:	networks

db:

NVD

ids:

CVE-2024-9474, CVE-2024-0012

Samsung Electronics Scales Up Mobile Security Rewards Programme To Boost Industry Collaboration and Commitment - Samsung Newsroom U.K. Trust: 3.5 Fetched: Nov. 26, 2024, 9:27 a.m., Published: Nov. 25, 2024, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	samsung	model:	mobile
vendor:	samsung	model:	mobile devices
vendor:	samsung	model:	samsung mobile
vendor:	samsung	model:	galaxy
vendor:	samsung	model:	samsung galaxy
vendor:	samsung	model:	samsung

Solved: Re: CISCO Meraki MS 120 - Qualys Vulnerability Scan - The Meraki Community Trust: 3.25 Fetched: Nov. 26, 2024, 9:26 a.m., Published: Jan. 5, 2024, 12:33 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

cisco

model:

meraki ms

Mitigation strategies for edge devices \| by SOCFortress \| Oct, 2024 \| Medium Trust: 3.0 Fetched: Nov. 26, 2024, 9:25 a.m., Published: Oct. 26, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

check point

model:

check point

VARIoT news about IoT security