Sign-up

VARIoT news about IoT security

Some Samsung Exynos phone chips have a worrying security flaw | TechRadar

Trust: 3.75

Fetched: Dec. 8, 2024, 9:21 a.m., Published: Oct. 24, 2024, 4:04 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: galaxy
vendor: samsung model: note 10
vendor: samsung model: mobile
vendor: samsung model: samsung galaxy
vendor: samsung model: note
vendor: samsung model: exynos
vendor: samsung model: samsung
db: NVD ids: CVE-2024-44068

What is Vulnerability Testing in Cyber security & How Does It Work?

Trust: 3.75

Fetched: Dec. 8, 2024, 9:20 a.m., Published: June 12, 2024, 1:01 p.m.
 Vulnerabilities: sql injection
Affected productsExternal IDs

December 2024 Android Security Update Fixes 14 Critical Vulnerabilities - Tech on the Go

Trust: 4.5

Fetched: Dec. 6, 2024, 10:05 a.m., Published: Dec. 5, 2024, 4:04 p.m.
 Vulnerabilities: code execution, information disclosure
Affected productsExternal IDs
vendor: google model: android

CVE-2024-20397 : CISCO NX-OS BOOTLOADER ACCESS CONTROL - Prophaze Web Application Security

Trust: 4.0

Fetched: Dec. 6, 2024, 10 a.m., Published: Dec. 5, 2024, 9:17 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: nx-os
vendor: cisco model: nx-os software
vendor: cisco model: cisco nx-os
db: NVD ids: CVE-2024-20397

Pixel Watch Security Bulletin-December 2024 | Android Open Source Project

Trust: 4.5

Fetched: Dec. 6, 2024, 9:59 a.m., Published: Dec. 6, 2024, midnight
 Vulnerabilities: code execution, denial of service, information disclosure
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android
db: NVD ids: CVE-2024-33039

Why Zero-Day Attacks Bypass Traditional Firewall Security: Defending Against Zero-Day’s like Palo Alto Networks CVE-2024-0012 - Security Boulevard

Trust: 3.75

Fetched: Dec. 6, 2024, 9:59 a.m., Published: Dec. 5, 2024, 3:30 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: palo alto networks model: firewall
vendor: palo alto networks model: networks
vendor: palo model: firewall
vendor: palo model: networks
db: NVD ids: CVE-2024-0012

CVE-2023-43131 - General Device Manager Buffer Overflow Vulnerability

Trust: 5.0

Fetched: Dec. 6, 2024, 9:58 a.m., Published: Sept. 25, 2023, 3:15 p.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2023-43131

Ruijie Networks | Network Devices and Solutions Provider

Trust: 3.5

Fetched: Dec. 6, 2024, 9:58 a.m., Published: Dec. 2, 2024, midnight
 Vulnerabilities: remote command injection, command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-42494, CVE-2024-45722, CVE-2024-48874, CVE-2024-51727, CVE-2024-47146, CVE-2024-47791, CVE-2024-47043, CVE-2024-52324, CVE-2024-46874, CVE-2024-47547

I-O DATA Routers Command Injection Vulnerabilities Actively Exploited in Attacks

Trust: 4.0

Fetched: Dec. 6, 2024, 9:58 a.m., Published: Dec. 5, 2024, 7:01 a.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-52564, CVE-2024-45841, CVE-2024-47133

Android Security Bulletin December 2024 | Android Open Source Project

Trust: 4.25

Fetched: Dec. 6, 2024, 9:57 a.m., Published: Dec. 6, 2024, midnight
 Vulnerabilities: code execution, denial of service, information disclosure
Affected productsExternal IDs
vendor: huawei model: huawei
vendor: motorola model: android
vendor: motorola model: motorola
vendor: samsung model: mobile
vendor: samsung model: samsung
vendor: samsung model: notes
vendor: google model: android
vendor: google model: pixel
db: NVD ids: CVE-2024-43097, CVE-2024-43764, CVE-2024-33056, CVE-2024-33063, CVE-2024-43048, CVE-2024-43767, CVE-2024-43769, CVE-2024-43701, CVE-2024-43762, CVE-2024-20125, CVE-2024-43052, CVE-2024-33044, CVE-2024-43077, CVE-2024-43768

Most Exploited Vulnerabilities of 2023 (Insights to Define Cybersecurity in 2025) - SOCRadar® Cyber Intelligence Inc.

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202008-0248

Trust: 5.25

Fetched: Dec. 6, 2024, 9:56 a.m., Published: Dec. 3, 2024, 11:36 a.m.
 Vulnerabilities: access control vulnerability, sql injection, privilege escalation...
Affected productsExternal IDs
vendor: cisco model: cisco ios
vendor: cisco model: ios xe
vendor: cisco model: cisco ios xe
vendor: comcast model: xfinity
vendor: comcast model: comcast xfinity
vendor: barracuda model: barracuda
vendor: xfinity model: gateway
vendor: barracuda networks model: barracuda
vendor: zoho model: manageengine servicedesk plus
vendor: citrix model: netscaler adc
vendor: citrix model: netscaler
vendor: citrix model: gateway
db: NVD ids: CVE-2023-4966, CVE-2023-27997, CVE-2023-23397, CVE-2023-2868, CVE-2023-20273, CVE-2021-44228, CVE-2023-3466, CVE-2023-3519, CVE-2023-49103, CVE-2023-20198, CVE-2023-34362, CVE-2023-3467, CVE-2023-22515, CVE-2023-27350, CVE-2022-47966, CVE-2020-1472, CVE-2023-42793

Security Bulletins for HUAWEI Vision, December 2024

Trust: 3.75

Fetched: Dec. 6, 2024, 9:55 a.m., Published: Dec. 3, 2024, 11:35 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: huawei model: emui
vendor: huawei model: huawei
db: NVD ids: CVE-2024-43090, CVE-2024-40675, CVE-2024-43086, CVE-2024-43085, CVE-2024-43091, CVE-2023-40119, CVE-2024-43089, CVE-2024-40676, CVE-2024-43081

Security Bulletins for HUAWEI Phones/Tablets, December 2024

Related entries in the VARIoT vulnerabilities database: VAR-202411-0380, VAR-202411-0381

Trust: 3.75

Fetched: Dec. 6, 2024, 9:54 a.m., Published: Dec. 2, 2024, 4:43 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: huawei model: emui
vendor: huawei model: huawei
db: NVD ids: CVE-2024-46783, CVE-2024-43093, CVE-2024-43091, CVE-2024-43089, CVE-2024-43081, CVE-2024-43086, CVE-2024-38422, CVE-2024-40676, CVE-2024-43080, CVE-2023-52160, CVE-2023-40119, CVE-2024-38423, CVE-2024-43084, CVE-2024-46740, CVE-2024-43090, CVE-2024-43047, CVE-2024-43082, CVE-2024-43088, CVE-2024-43085, CVE-2024-46679, CVE-2024-40675

www.bankinfosecurity.com

Trust: 3.25

Fetched: Dec. 6, 2024, 9:54 a.m., Published: May 6, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: mitel model: micollab

Old Cisco ASA Vulnerability (CVE-2014-2120) Fuels Androxgh0st Botnet Activity - SOCRadar® Cyber Intelligence Inc.

Related entries in the VARIoT vulnerabilities database: VAR-201403-0466

Trust: 4.25

Fetched: Dec. 6, 2024, 9:54 a.m., Published: Dec. 4, 2024, 11:46 a.m.
 Vulnerabilities: code execution, file inclusion, local file inclusion...
Affected productsExternal IDs
vendor: cisco model: adaptive security appliance
vendor: cisco model: guard
vendor: sophos model: firewall
db: NVD ids: CVE-2021-41277, CVE-2014-2120, CVE-2021-26086, CVE-2024-42448

Critical Vulnerabilities Found In Veeam Service Provider Console

Trust: 3.75

Fetched: Dec. 6, 2024, 9:47 a.m., Published: Dec. 5, 2024, 5:13 a.m.
 Vulnerabilities: service disruption, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-42449, CVE-2024-42448

ERROR: The request could not be satisfied

Trust: 3.25

Fetched: Dec. 6, 2024, 9:46 a.m., Published: -
 Vulnerabilities: configuration error
Affected productsExternal IDs

Third-Party Vulnerability Bulletin: SonicWall | BD

Trust: 3.25

Fetched: Dec. 6, 2024, 9:46 a.m., Published: Dec. 19, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: sonicwall model: sonicos

www.govinfosecurity.com

Trust: 3.25

Fetched: Dec. 6, 2024, 9:45 a.m., Published: May 6, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: mitel model: micollab

Understanding IoT Attacks: Safeguarding Devices and Networks

Trust: 3.5

Fetched: Dec. 6, 2024, 9:44 a.m., Published: May 6, 2024, midnight
 Vulnerabilities: device impersonation, denial of service
Affected productsExternal IDs