VARIoT latest news about IoT security

CVE-2024-23711 - Microsoft Device Driver Kernel Code Execution Vulnerability Trust: 6.0 Fetched: Aug. 2, 2024, 9:16 a.m., Published: July 9, 2024, 9:15 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:

google

model:

android

db:

NVD

ids:

CVE-2024-23711

Brother MFC-J491DW C1806180757 Password Hash Disclosure ≈ Packet Storm Related entries in the VARIoT vulnerabilities database: VAR-202407-2513 Trust: 4.0 Fetched: Aug. 2, 2024, 9:15 a.m., Published: July 30, 2024, midnight	Vulnerabilities: information disclosure

Affected products

External IDs

db:

NVD

ids:

CVE-2019-20457

Re: OpenSSL vulnerability in icls driver version 1.71.99.0 - Intel Community Trust: 3.0 Fetched: Aug. 2, 2024, 9:14 a.m., Published: May 13, 2024, 5:53 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	dell	model:	bios
vendor:	dell	model:	optiplex

CVE-2024-40975 - vulnerability database \| Vulners.com Trust: 4.0 Fetched: Aug. 2, 2024, 9:14 a.m., Published: July 12, 2024, 1:15 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	lenovo	model:	bios
vendor:	lenovo	model:	yoga

db:

NVD

ids:

CVE-2024-40975

Re: OpenSSL vulnerability in icls driver version 1.71.99.0 - Intel Community Trust: 3.0 Fetched: Aug. 2, 2024, 9:13 a.m., Published: May 13, 2024, 5:53 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	dell	model:	bios
vendor:	dell	model:	optiplex

Protecting SmartPLC Devices from Critical Hardcoded Credential Vulnerability CVE-2024-28747 \| SonicWall Trust: 4.75 Fetched: Aug. 2, 2024, 9:13 a.m., Published: July 31, 2024, 4:54 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

sonicwall

model:

remote access

db:

NVD

ids:

CVE-2024-28747

CVE-2024-6242 Rockwell Automation Chassis Restrictions Bypas... - vulnerability database \| Vulners.com Trust: 3.5 Fetched: Aug. 2, 2024, 9:13 a.m., Published: Aug. 1, 2024, 3:15 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	rockwell automation	model:	guardlogix
vendor:	rockwell automation	model:	controllogix
vendor:	rockwell	model:	guardlogix
vendor:	rockwell	model:	controllogix

db:

NVD

ids:

CVE-2024-6242

CVE-2024-20323 - Exploits & Severity - Feedly Trust: 6.0 Fetched: Aug. 2, 2024, 9:11 a.m., Published: July 17, 2024, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

trend

model:

security

db:

NVD

ids:

CVE-2024-20323

Apple fixes Siri vulnerabilities that could have allowed sen... - vulnerability database \| Vulners.com Trust: 3.75 Fetched: Aug. 2, 2024, 9:11 a.m., Published: July 31, 2024, 1:04 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	apple	model:	apple tv
vendor:	apple	model:	macos
vendor:	apple	model:	ipad air
vendor:	apple	model:	ipad
vendor:	apple	model:	safari
vendor:	apple	model:	iphone
vendor:	apple	model:	tvos
vendor:	apple	model:	watchos
vendor:	apple	model:	ipod touch
vendor:	apple	model:	watch

Re: OpenSSL vulnerability in icls driver version 1.71.99.0 - Intel Community Trust: 3.0 Fetched: Aug. 2, 2024, 9:11 a.m., Published: May 13, 2024, 5:53 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	dell	model:	bios
vendor:	dell	model:	optiplex

CVE-2024-39944 - vulnerability database \| Vulners.com Trust: 3.5 Fetched: Aug. 2, 2024, 9:09 a.m., Published: July 31, 2024, 3:13 a.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-39944

Apple fixes Siri vulnerabilities that could have allowed sensitive data theft from locked device. Update now! \| Malwarebytes Trust: 3.75 Fetched: Aug. 2, 2024, 9:09 a.m., Published: July 31, 2024, 1:04 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	apple	model:	apple tv
vendor:	apple	model:	macos
vendor:	apple	model:	ipad air
vendor:	apple	model:	ipad
vendor:	apple	model:	safari
vendor:	apple	model:	iphone
vendor:	apple	model:	ipod touch
vendor:	apple	model:	watch

RADIUS Protocol Vulnerability Impacted Multiple Cisco Products Trust: 3.75 Fetched: Aug. 2, 2024, 9:09 a.m., Published: July 29, 2024, 6:01 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	series routers
vendor:	cisco	model:	identity services engine
vendor:	cisco	model:	routers
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	asr 5000
vendor:	cisco	model:	catalyst
vendor:	cisco	model:	firepower
vendor:	cisco	model:	ucs manager
vendor:	cisco	model:	nexus 3000
vendor:	cisco	model:	access points
vendor:	cisco	model:	sd-wan
vendor:	cisco	model:	ucs b-series blade servers
vendor:	cisco	model:	ios xr
vendor:	cisco	model:	nexus
vendor:	cisco	model:	series
vendor:	cisco	model:	series switches
vendor:	cisco	model:	device manager
vendor:	cisco	model:	application policy infrastructure controller
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	ucs central software

db:

NVD

ids:

CVE-2024-3596

CVE-2024-39947 - "Dahua Device Crash Vulnerability" Trust: 3.0 Fetched: Aug. 2, 2024, 9:08 a.m., Published: July 31, 2024, 4:15 a.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-39947

CVE-2024-39950 - "Dahua Device Initialization Overwrite Vulnerability" Trust: 3.0 Fetched: Aug. 2, 2024, 9:08 a.m., Published: July 31, 2024, 4:15 a.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-39950

CVE-2024-39950 - "Dahua Device Initialization Overwrite Vulnerability" Trust: 3.0 Fetched: Aug. 2, 2024, 9:06 a.m., Published: July 31, 2024, 4:15 a.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-39950

Android security checkup: 18 steps to a safer phone - Computerworld Trust: 3.5 Fetched: July 31, 2024, 9:27 a.m., Published: July 24, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	chrome
vendor:	google	model:	pixel
vendor:	google	model:	android
vendor:	samsung	model:	android phone

[2024] Advanced VAPT Interview Questions - Web Asha Trust: 3.5 Fetched: July 31, 2024, 9:23 a.m., Published: July 29, 2024, 6 p.m.	Vulnerabilities: information disclosure, cross-site scripting, sql injection...

Affected products	External IDs

Infostealer Logs Unmask Pedophiles, Twilio API Hack, and Rockwell Device Vulnerabilities - Go REF Trust: 4.5 Fetched: July 31, 2024, 9:22 a.m., Published: July 4, 2024, 1:36 a.m.	Vulnerabilities: denial of service, code execution

Affected products

External IDs

vendor:	rockwell automation	model:	automation panelview plus
vendor:	rockwell automation	model:	automation panelview
vendor:	rockwell	model:	automation panelview plus
vendor:	rockwell	model:	automation panelview

Acronis Issues Urgent Patch for High-Risk Vulnerability Trust: 4.25 Fetched: July 31, 2024, 9:22 a.m., Published: July 30, 2024, 9:29 a.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2023-45249

VARIoT news about IoT security