Sign-up

VARIoT news about IoT security

CVE-2024-44678: Identified Vulnerability in Gigastone Wi-Fi Range Extenders

Trust: 4.75

Fetched: Sept. 27, 2024, 10:01 a.m., Published: Sept. 27, 9001, midnight
 Vulnerabilities: command execution
Affected productsExternal IDs
vendor: google model: wifi
db: NVD ids: CVE-2024-44678

Configure Device Control | Deep Security

Trust: 3.5

Fetched: Sept. 27, 2024, 10:01 a.m., Published: Sept. 27, 2024, midnight
 Vulnerabilities: access violation
Affected productsExternal IDs
vendor: trend model: deep security
vendor: trend model: security
vendor: trend micro model: deep security
vendor: trend micro model: security

Exploding Pagers and Walkie-talkies Expose Alarming Vulnerabilities in Mobile Devices - David Icke

Trust: 4.0

Fetched: Sept. 27, 2024, 10 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: huawei model: huawei

0-Click RCE Vulnerability in MediaTek Wi-Fi Chipsets Allows Remote Exploitation

Trust: 3.75

Fetched: Sept. 27, 2024, 10 a.m., Published: Sept. 21, 2024, 3:32 p.m.
 Vulnerabilities: buffer overflow, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-20017

3 tips for securing IoT devices in a connected world - Help Net Security

Trust: 3.75

Fetched: Sept. 27, 2024, 9:59 a.m., Published: Sept. 26, 2024, 11:09 a.m.
 Vulnerabilities: default credentials
Affected productsExternal IDs

Security announcements | Docker Docs

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-1782, VAR-202112-0562

Trust: 3.75

Fetched: Sept. 27, 2024, 9:58 a.m., Published: Sept. 13, 2024, 12:45 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-23651, CVE-2024-24557, CVE-2021-44228, CVE-2024-23650, CVE-2024-8695, CVE-2024-23653, CVE-2021-45105, CVE-2024-23652, CVE-2021-45046, CVE-2022-42889, CVE-2024-21626, CVE-2024-8696

Cisco IOS and IOS XE Software Resource Reservation Protocol Denial of Service Vulnerability - Cisco

Trust: 3.75

Fetched: Sept. 27, 2024, 9:57 a.m., Published: Sept. 25, 2024, 11:50 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: cisco ios
vendor: cisco model: ios xe
vendor: cisco model: ios xe software

Critical Linux bug is CUPS-based remote-code execution hole • The Register

Trust: 5.5

Fetched: Sept. 27, 2024, 9:57 a.m., Published: -
 Vulnerabilities: arbitrary command execution, buffer overflow, code execution...
Affected productsExternal IDs
vendor: cups model: cups
db: NVD ids: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, CVE-2024-47177

Cisco IOS XE Software HTTP Server Telephony Services Denial of Service Vulnerability - Cisco

Trust: 4.0

Fetched: Sept. 27, 2024, 9:56 a.m., Published: Sept. 25, 2024, 11:50 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: cisco ios
vendor: cisco model: ios xe
vendor: cisco model: ios xe software
vendor: cisco model: cisco ios xe

Critical Linux bug is CUPS-based remote-code execution hole • The Register

Trust: 5.5

Fetched: Sept. 27, 2024, 9:56 a.m., Published: -
 Vulnerabilities: arbitrary command execution, buffer overflow, code execution...
Affected productsExternal IDs
vendor: cups model: cups
db: NVD ids: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, CVE-2024-47177

Unix CUPS Unauthenticated RCE Zero-Day Vulnerabilities (CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, CVE-2024-47177): All you need to know | JFrog

Trust: 5.75

Fetched: Sept. 27, 2024, 9:55 a.m., Published: Sept. 26, 2024, 10:20 p.m.
 Vulnerabilities: arbitrary command execution, parameter injection, code execution...
Affected productsExternal IDs
vendor: cups model: cups
db: NVD ids: CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, CVE-2024-35235, CVE-2024-47177

Cisco IOS XE Software SD-Access Fabric Edge Node Denial of Service Vulnerability - Cisco

Trust: 4.0

Fetched: Sept. 27, 2024, 9:55 a.m., Published: Sept. 25, 2024, 11:50 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: cisco ios
vendor: cisco model: ios xe
vendor: cisco model: ios xe software
vendor: cisco model: cisco ios xe

Cisco Catalyst 9000 Series Switches Denial of Service Vulnerability - Cisco

Trust: 5.0

Fetched: Sept. 27, 2024, 9:55 a.m., Published: Sept. 25, 2024, 11:50 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: cisco ios
vendor: cisco model: ios xe
vendor: cisco model: ios xe software
vendor: cisco model: catalyst
vendor: cisco model: series
vendor: cisco model: series switches

Cisco IOS XE Software IPv4 Fragmentation Reassembly Denial of Service Vulnerability - Cisco

Trust: 4.0

Fetched: Sept. 27, 2024, 9:54 a.m., Published: Sept. 25, 2024, 11:50 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: cisco ios
vendor: cisco model: ios xe
vendor: cisco model: cisco ios xe
vendor: cisco model: ios xe software

Cisco IOS XE Software Protocol Independent Multicast Denial of Service Vulnerability - Cisco

Trust: 4.0

Fetched: Sept. 27, 2024, 9:53 a.m., Published: Sept. 25, 2024, 11:50 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: cisco ios
vendor: cisco model: ios xe
vendor: cisco model: cisco ios xe
vendor: cisco model: ios xe software

Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability - Cisco

Trust: 3.75

Fetched: Sept. 27, 2024, 9:52 a.m., Published: Sept. 25, 2024, 11:50 a.m.
 Vulnerabilities: request forgery, cross-site request forgery
Affected productsExternal IDs
vendor: cisco model: cisco ios
vendor: cisco model: ios xe
vendor: cisco model: cisco ios xe
vendor: cisco model: ios xe software

> Imagine finding a vulnerability, responsibly disclosing it, being told "meh, n... | Hacker News

Trust: 3.25

Fetched: Sept. 27, 2024, 9:51 a.m., Published: Sept. 12, 2024, midnight
 Vulnerabilities: buffer overflow
Affected productsExternal IDs

In the goTenna Pro ATAK Plugin there is a vulnerability... · CVE-2024-41722 · GitHub Advisory Database · GitHub

Trust: 4.25

Fetched: Sept. 27, 2024, 9:51 a.m., Published: Sept. 26, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: mesh model: mesh
db: NVD ids: CVE-2024-41722

Severe Vulnerabilities in Cisco IOS, IOS XE and Other Products Addressed - Patch Now - SOCRadar® Cyber Intelligence Inc.

Related entries in the VARIoT vulnerabilities database: VAR-202409-1826, VAR-201707-0964

Trust: 5.5

Fetched: Sept. 27, 2024, 9:50 a.m., Published: Sept. 26, 2024, 11:52 a.m.
 Vulnerabilities: request forgery, cross-site request forgery, code injection...
Affected productsExternal IDs
vendor: cisco model: cisco ios
vendor: cisco model: ios xe
vendor: cisco model: series switches
vendor: cisco model: sd-wan
vendor: cisco model: cisco sd-wan
vendor: cisco model: sd-wan vedge
vendor: cisco model: wan manager
vendor: cisco model: intrusion prevention system
vendor: cisco model: rv340
vendor: cisco model: asr 1000 series
vendor: cisco model: cbr-8
vendor: cisco model: ios xe software
vendor: cisco model: routers
vendor: cisco model: catalyst
vendor: cisco model: series
vendor: cisco model: ios software
vendor: cisco model: asr 1000
vendor: cisco model: industrial ethernet
vendor: cisco model: vedge
vendor: cisco model: cisco asr 1000 series
vendor: cisco model: industrial ethernet series switches
vendor: cisco model: cisco ios xe
vendor: cisco model: cisco sd-wan vedge
vendor: snort model: snort
db: NVD ids: CVE-2024-20436, CVE-2024-20433, CVE-2024-20434, CVE-2024-20508, CVE-2024-20464, CVE-2024-20480, CVE-2024-20465, CVE-2024-20350, CVE-2024-20414, CVE-2024-20475, CVE-2024-20467, CVE-2024-20455, CVE-2024-20437, CVE-2017-6742, CVE-2024-20496, CVE-2024-20510, CVE-2024-20381

CUPS Remote Code Execution Vulnerability Fix Available | Ubuntu

Trust: 4.25

Fetched: Sept. 27, 2024, 9:50 a.m., Published: Sept. 26, 2024, midnight
 Vulnerabilities: information leak, code execution, command execution
Affected productsExternal IDs
vendor: canonical model: ubuntu
vendor: cups model: cups
db: NVD ids: CVE-2024-47076, CVE-2024-47175, CVE-2024-47177, CVE-2024-47176