Sign-up

VARIoT news about IoT security

Ivanti Discloses Fifth Major VPN Vulnerability In A Month

Trust: 4.5

Fetched: Feb. 14, 2024, 9:49 a.m., Published: Feb. 8, 2024, 4:51 p.m.
 Vulnerabilities: request forgery, command injection, authentication bypass
Affected productsExternal IDs
vendor: pulse secure model: policy secure
vendor: pulse secure model: connect secure
vendor: google model: nexus
db: NVD ids: CVE-2024-22024, CVE-2024-21887, CVE-2023-46805, CVE-2024-21893

Ivanti Vulnerability Exploited to Install 'DSLog' Backdoor on 670+ IT Infrastructures | MrHacker

Trust: 4.0

Fetched: Feb. 14, 2024, 9:43 a.m., Published: Feb. 13, 2024, midnight
 Vulnerabilities: request forgery
Affected productsExternal IDs
db: NVD ids: CVE-2024-21888, CVE-2024-21893

Ivanti Finds Another High Severity Vulnerability | MSSP Alert

Trust: 3.0

Fetched: Feb. 14, 2024, 9:40 a.m., Published: Feb. 13, 2024, 6:29 p.m.
 Vulnerabilities: request forgery
Affected productsExternal IDs
db: NVD ids: CVE-2024-22024, CVE-2024-21888, CVE-2023-46805, CVE-2024-21887, CVE-2024-21893

Hackers Exploit Ivanti Vulnerability to Deploy DSLog Backdoor | Black Hat Ethical Hacking

Trust: 3.25

Fetched: Feb. 14, 2024, 9:40 a.m., Published: Feb. 13, 2024, 10:08 a.m.
 Vulnerabilities: request forgery
Affected productsExternal IDs
db: NVD ids: CVE-2024-21893

Exploiting Ivanti vulnerability to install “DSLog” backdoor on more than 670 IT infrastructures - Mary Ashley

Trust: 4.0

Fetched: Feb. 14, 2024, 9:39 a.m., Published: Feb. 13, 2024, 8:27 a.m.
 Vulnerabilities: request forgery
Affected productsExternal IDs
db: NVD ids: CVE-2024-21888, CVE-2024-21893

What Is the Difference Between Zigbee and Knx? - ByRetreat

Trust: 3.5

Fetched: Feb. 14, 2024, 9:36 a.m., Published: Jan. 29, 2024, 10:24 a.m.
 Vulnerabilities: default credentials
Affected productsExternal IDs

SmartScreen Vulnerability: CVE-2024-21412 Facts and Fixes

Trust: 3.5

Fetched: Feb. 14, 2024, 9:30 a.m., Published: Feb. 13, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend micro model: security
vendor: trend model: security
db: NVD ids: CVE-2024-21412, CVE-2023-36025

SmartScreen Vulnerability: CVE-2024-21412 Facts and Fixes

Trust: 3.5

Fetched: Feb. 14, 2024, 9:29 a.m., Published: Feb. 13, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend micro model: security
vendor: trend model: security
db: NVD ids: CVE-2024-21412, CVE-2023-36025

Three API Vulnerabilities Found in Cisco Expressway Series Devices

Trust: 3.0

Fetched: Feb. 14, 2024, 9:29 a.m., Published: Feb. 8, 2024, 6:46 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: expressway
vendor: cisco model: expressway series
vendor: cisco model: series
vendor: cisco model: cisco expressway

New WiFi Authentication Vulnerabilities Discovered

Trust: 4.75

Fetched: Feb. 14, 2024, 9:28 a.m., Published: Feb. 3, 2024, midnight
 Vulnerabilities: traffic interception
Affected productsExternal IDs
db: NVD ids: CVE-2023-52160, CVE-2023-52161

Vulnerability News - February 9, 2024 - VULNERA

Related entries in the VARIoT vulnerabilities database: VAR-202212-1132

Trust: 5.25

Fetched: Feb. 14, 2024, 9:27 a.m., Published: Feb. 9, 2024, 9:22 p.m.
 Vulnerabilities: request forgery, code execution, authentication bypass...
Affected productsExternal IDs
vendor: fortigate model: fortios
vendor: google model: android
db: NVD ids: CVE-2023-46805, CVE-2023-42793, CVE-2024-21887, CVE-2022-42475, CVE-2024-21893, CVE-2024-23108, CVE-2024-21762, CVE-2024-23832, CVE-2023-4762, CVE-2024-23917, CVE-2023-34992, CVE-2024-23109

Warning of Vulnerability in Android devices ~ SK-CERT

Trust: 3.0

Fetched: Feb. 14, 2024, 9:26 a.m., Published: Dec. 11, 2023, 1:39 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

FortiOS SSL VPN Vulnerability Actively Exploited in the Wild

Trust: 3.75

Fetched: Feb. 14, 2024, 9:15 a.m., Published: Feb. 12, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-21762

Critical Vulnerability in WyreStorm Apollo VX20: Unauthenticated Device Restart and Credential Disclosure

Trust: 5.0

Fetched: Feb. 14, 2024, 9:07 a.m., Published: Feb. 1, 2024, midnight
 Vulnerabilities: credential disclosure
Affected productsExternal IDs
db: NVD ids: CVE-2024-25736

SonicWall Firewall Devices Vulnerable to DoS Attacks

Trust: 3.75

Fetched: Feb. 13, 2024, 9:49 a.m., Published: Jan. 29, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: sonicwall model: sonicos
db: NVD ids: CVE-2022-22274, CVE-2023-0656

Securing the Future: Enhancing Cybersecurity in 2024 and Beyond

Trust: 3.75

Fetched: Feb. 13, 2024, 9:48 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home

What Are the Disadvantages of Google Home? - ByRetreat

Trust: 3.25

Fetched: Feb. 13, 2024, 9:47 a.m., Published: Jan. 29, 2024, 1:59 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home
vendor: google model: google home

Ivanti Avalanche < 6.4.2 Multiple Vulnerabilities - vulnerability database | Vulners.com

Trust: 5.0

Fetched: Feb. 13, 2024, 9:45 a.m., Published: Feb. 9, 2024, midnight
 Vulnerabilities: code execution, denial of service, memory corruption
Affected productsExternal IDs
db: NVD ids: CVE-2023-46263, CVE-2023-46216, CVE-2023-46217, CVE-2023-46257, CVE-2023-46260, CVE-2021-22962, CVE-2023-46220, CVE-2023-46262, CVE-2023-46223, CVE-2023-46225, CVE-2023-41727, CVE-2023-46221, CVE-2023-46266, CVE-2023-46264, CVE-2023-46224, CVE-2023-46261, CVE-2023-46222, CVE-2023-46258, CVE-2023-46265, CVE-2023-46259

Zero-Day Vulnerability Patched in Fortinet Software | Access Point Technology

Trust: 3.0

Fetched: Feb. 13, 2024, 9:39 a.m., Published: Feb. 12, 2024, 9:44 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-21762

Cybercrime Law and Threats in the UK - Datalaw

Trust: 4.0

Fetched: Feb. 13, 2024, 9:39 a.m., Published: Jan. 25, 2024, 9:41 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs