VARIoT latest news about IoT security

Earth Baxia Uses Spear-Phishing and GeoServer Exploit to Target APAC \| Trend Micro (US) Trust: 4.5 Fetched: Sept. 25, 2024, 9:42 a.m., Published: Sept. 19, 2024, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	trend	model:	security
vendor:	trend micro	model:	security

db:

NVD

ids:

CVE-2024-36401

Critical Vulnerability in Ivanti Cloud Services Appliance (CSA) Exploited in Attacks: CVE-2024-8963 - SOCRadar® Cyber Intelligence Inc. Trust: 4.75 Fetched: Sept. 25, 2024, 9:41 a.m., Published: Sept. 20, 2024, 11:47 a.m.	Vulnerabilities: os command injection, command injection, path traversal

Affected products

External IDs

db:

NVD

ids:

CVE-2024-8190, CVE-2024-8963

Uncovering IoT Vulnerabilities: Highlights from the Bitdefender - Netgear 2024 Threat Report Trust: 3.0 Fetched: Sept. 25, 2024, 9:34 a.m., Published: Sept. 25, 2024, midnight	Vulnerabilities: -

Affected products	External IDs

Uncovering IoT Vulnerabilities: Highlights from the Bitdefender - Netgear 2024 Threat Report Trust: 3.0 Fetched: Sept. 25, 2024, 9:34 a.m., Published: Sept. 25, 2024, midnight	Vulnerabilities: -

Affected products	External IDs

Alisonic Sibylla \| CISA Trust: 5.0 Fetched: Sept. 25, 2024, 9:33 a.m., Published: Sept. 25, 2023, midnight	Vulnerabilities: sql injection

Affected products

External IDs

db:

NVD

ids:

CVE-2024-8630

Digital Workspace Vulnerabilities - August 2024 Trust: 4.0 Fetched: Sept. 25, 2024, 9:33 a.m., Published: Aug. 14, 2024, 3:43 a.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	chrome
vendor:	google	model:	google chrome

CERT-EU - Vulnerabilities in OpenVPN Trust: 4.0 Fetched: Sept. 25, 2024, 9:32 a.m., Published: -	Vulnerabilities: code execution, privilege escalation

Affected products

External IDs

db:

NVD

ids:

CVE-2024-1305, CVE-2024-27459, CVE-2024-27903, CVE-2024-24974

Vulnerability Disclosure Policy - EPH Controls Trust: 3.5 Fetched: Sept. 25, 2024, 9:32 a.m., Published: July 30, 2024, 10:07 a.m.	Vulnerabilities: arbitrary command execution, command injection, directory traversal...

Affected products	External IDs

IoT Security: A Call to Action for Improved Vulnerability Disclosure Trust: 4.5 Fetched: Sept. 25, 2024, 9:31 a.m., Published: Sept. 11, 2024, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

huawei

model:

huawei

IoT Security: A Call to Action for Improved Vulnerability Disclosure Trust: 4.5 Fetched: Sept. 25, 2024, 9:31 a.m., Published: Sept. 11, 2024, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

huawei

model:

huawei

IoT Security: A Call to Action for Improved Vulnerability Disclosure Trust: 4.5 Fetched: Sept. 25, 2024, 9:30 a.m., Published: Sept. 11, 2024, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

huawei

model:

huawei

Vulnerability Notice - SolarWinds, Adobe, Mozilla, Ivanti, Microsoft, Apache, and Android Trust: 5.5 Fetched: Sept. 25, 2024, 9:29 a.m., Published: Aug. 19, 2024, midnight	Vulnerabilities: code execution, privilege escalation

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	pixel
vendor:	samsung	model:	samsung mobile
vendor:	samsung	model:	notes
vendor:	samsung	model:	samsung
vendor:	samsung	model:	mobile

db:

NVD

ids:

CVE-2024-36971

10 security bugs put fuel storage tanks at risk of attacks • The Register Trust: 4.5 Fetched: Sept. 25, 2024, 9:15 a.m., Published: -	Vulnerabilities: command injection, privilege escalation, authentication bypass...

Affected products

External IDs

db:

NVD

ids:

CVE-2024-45373, CVE-2024-43423, CVE-2024-8310, CVE-2024-6981, CVE-2024-43692, CVE-2024-8630, CVE-2024-41725, CVE-2024-45066, CVE-2024-43693, CVE-2024-8497

DSA-2024-369: Security Update for Dell RecoverPoint for Virtual Machines Multiple Vulnerabilities \| Dell US Related entries in the VARIoT vulnerabilities database: VAR-202205-0540, VAR-202302-0482, VAR-202201-0355, VAR-202201-0369, VAR-202201-0405 Trust: 3.0 Fetched: Sept. 24, 2024, 10:36 a.m., Published: Sept. 5, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2023-0799, CVE-2023-2007, CVE-2023-38039, CVE-2023-4692, CVE-2023-28487, CVE-2022-48566, CVE-2023-4622, CVE-2023-34968, CVE-2022-4285, CVE-2022-4141, CVE-2023-38408, CVE-2022-35206, CVE-2023-1192, CVE-2023-38546, CVE-2022-2928, CVE-2023-4752, CVE-2022-44792, CVE-2023-4734, CVE-2023-42754, CVE-2023-0922, CVE-2021-32256, CVE-2023-34241, CVE-2022-3821, CVE-2023-40217, CVE-2023-20900, CVE-2023-21830, CVE-2023-34969, CVE-2023-34319, CVE-2018-9234, CVE-2023-0798, CVE-2023-0288, CVE-2022-36402, CVE-2023-0394, CVE-2023-4693, CVE-2023-3776, CVE-2022-41804, CVE-2022-1616, CVE-2023-0796, CVE-2023-26555, CVE-2023-4387, CVE-2022-4292, CVE-2023-39193, CVE-2023-25587, CVE-2021-3778, CVE-2023-32324, CVE-2023-20593, CVE-2023-3609, CVE-2023-26552, CVE-2023-1981, CVE-2022-38090, CVE-2023-4459, CVE-2023-4039, CVE-2023-4641, CVE-2019-2708, CVE-2023-4132, CVE-2023-3611, CVE-2023-2985, CVE-2023-29383, CVE-2022-3491, CVE-2023-21843, CVE-2023-5217, CVE-2022-3479, CVE-2023-31248, CVE-2022-43552, CVE-2022-4304, CVE-2022-0359, CVE-2022-3554, CVE-2023-34967, CVE-2022-3597, CVE-2023-2156, CVE-2023-20867, CVE-2022-47673, CVE-2023-43788, CVE-2023-39194, CVE-2023-32182, CVE-2022-35205, CVE-2022-3598, CVE-2023-25585, CVE-2023-25193, CVE-2023-4921, CVE-2023-4134, CVE-2022-48565, CVE-2023-25588, CVE-2023-0687, CVE-2022-3591, CVE-2023-1355, CVE-2023-3772, CVE-2022-4293, CVE-2023-3567, CVE-2023-2609, CVE-2023-43785, CVE-2023-40283, CVE-2022-40897, CVE-2023-2222, CVE-2023-4881, CVE-2023-4738, CVE-2023-39192, CVE-2023-4735, CVE-2023-1972, CVE-2023-4781, CVE-2023-23908, CVE-2023-4091, CVE-2022-48064, CVE-2018-18586, CVE-2023-0802, CVE-2022-47695, CVE-2023-0804, CVE-2023-3341, CVE-2023-4385, CVE-2023-32360, CVE-2023-23559, CVE-2018-7738, CVE-2023-29491, CVE-2022-3705, CVE-2023-4623, CVE-2023-0054, CVE-2022-27774, CVE-2023-20588, CVE-2023-34966, CVE-2023-43789, CVE-2023-0795, CVE-2023-0801, CVE-2023-3812, CVE-2017-17087, CVE-2023-3390, CVE-2023-2650, CVE-2023-3446, CVE-2023-43787, CVE-2022-3520, CVE-2023-0049, CVE-2022-33972, CVE-2023-3817, CVE-2022-21216, CVE-2023-22049, CVE-2023-26553, CVE-2017-5953, CVE-2023-23916, CVE-2023-3117, CVE-2023-3863, CVE-2023-28322, CVE-2022-47629, CVE-2022-21619, CVE-2023-4194, CVE-2022-48063, CVE-2023-28484, CVE-2023-20569, CVE-2022-3570, CVE-2022-33196, CVE-2023-0433, CVE-2023-4133, CVE-2023-0803, CVE-2023-43786, CVE-2023-35945, CVE-2022-0392, CVE-2022-48281, CVE-2023-22045, CVE-2022-2127, CVE-2022-44840, CVE-2022-0361, CVE-2023-39615, CVE-2023-1859, CVE-2023-4504, CVE-2016-3709, CVE-2023-1579, CVE-2023-26554, CVE-2023-28320, CVE-2022-3555, CVE-2023-0465, CVE-2020-36766, CVE-2020-19726, CVE-2022-44793, CVE-2023-28321, CVE-2023-4016, CVE-2023-26604, CVE-2022-48065, CVE-2021-42523, CVE-2023-1127, CVE-2023-0797, CVE-2023-0459, CVE-2023-28486, CVE-2023-4733, CVE-2023-0051, CVE-2015-8985, CVE-2022-4415, CVE-2022-42010, CVE-2022-23491, CVE-2023-36054, CVE-2023-2426, CVE-2023-41105, CVE-2023-2610, CVE-2022-48303, CVE-2023-1264, CVE-2023-4128, CVE-2022-45703, CVE-2023-1206, CVE-2023-29469, CVE-2023-26551, CVE-2022-40982, CVE-2023-35001, CVE-2022-47696, CVE-2022-45154, CVE-2023-1829, CVE-2023-0800, CVE-2023-28319

How Ransomware Exploits Vulnerabilities in IoT Devices: What You Need to Know Trust: 3.75 Fetched: Sept. 24, 2024, 10:32 a.m., Published: Sept. 3, 2024, midnight	Vulnerabilities: default password

Affected products	External IDs

Scan for vulnerabilities - Security Center - Alibaba Cloud Documentation Center Trust: 3.75 Fetched: Sept. 24, 2024, 10:30 a.m., Published: July 3, 2024, midnight	Vulnerabilities: privilege escalation, directory traversal, path traversal...

Affected products

External IDs

db:

NVD

ids:

CVE-2016-6617, CVE-2017-5487, CVE-2016-8870, CVE-2019-8362

Enhancing Medical Device Security: Exploring the Exploitability and Impact of GUI Vulnerabilities Through a Hacking Tool Experiment \| SpringerLink Trust: 3.5 Fetched: Sept. 24, 2024, 10:29 a.m., Published: Sept. 24, 2024, midnight	Vulnerabilities: injection attack, sql injection

Affected products

External IDs

vendor:

google

model:

android

WordPress Vulnerability & Patch Roundup August 2024 Trust: 3.5 Fetched: Sept. 24, 2024, 10:28 a.m., Published: Aug. 30, 2024, 4:32 p.m.	Vulnerabilities: privilege escalation, sql injection

Affected products

External IDs

db:

NVD

ids:

CVE-2024-43302, CVE-2024-6366, CVE-2024-5057, CVE-2024-7302, CVE-2024-43303, CVE-2024-43286, CVE-2024-43122, CVE-2024-43297, CVE-2024-6725, CVE-2024-5668, CVE-2024-5940, CVE-2024-5763, CVE-2024-2508, CVE-2024-43314, CVE-2024-4367, CVE-2024-43285, CVE-2024-5901, CVE-2024-28000, CVE-2024-43161, CVE-2024-43235, CVE-2024-6208, CVE-2024-5595, CVE-2024-4090, CVE-2024-43162, CVE-2024-6487, CVE-2024-6158, CVE-2024-43298, CVE-2024-39666, CVE-2024-7082, CVE-2024-43119, CVE-2024-43146, CVE-2024-6884, CVE-2024-7092, CVE-2024-7100, CVE-2024-7247, CVE-2024-43231, CVE-2024-7054, CVE-2024-39640, CVE-2024-4483, CVE-2024-7590, CVE-2024-7548, CVE-2024-6692, CVE-2024-7084, CVE-2024-43125, CVE-2024-43118, CVE-2024-43152, CVE-2024-6824, CVE-2024-43142, CVE-2024-5939, CVE-2024-7317

Top ICS Vulnerabilities: Flaws In Rockwell Automation, Avtec & MOBOTIX Related entries in the VARIoT vulnerabilities database: VAR-202407-1753 Trust: 4.5 Fetched: Sept. 24, 2024, 10:25 a.m., Published: Aug. 29, 2024, 1:48 p.m.	Vulnerabilities: input validation flaw, input validation vulnerability, code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2024-42418, CVE-2024-6089, CVE-2024-39776, CVE-2023-34873, CVE-2024-6079

Cyble Sensor Intelligence: Attacks, Phishing Scams And Brute-Force Detections - Cyble Trust: 4.5 Fetched: Sept. 24, 2024, 10:24 a.m., Published: Sept. 20, 2024, 2:25 p.m.	Vulnerabilities: default credentials, os command injection, brute force attack...

Affected products

External IDs

db:

NVD

ids:

CVE-2024-7029, CVE-2024-36401, CVE-2024-7954, CVE-2024-7120, CVE-2024-4577

VARIoT news about IoT security