Sign-up

VARIoT news about IoT security

U.S. Defense Dept Purchased Chinese IT Equipment with Known Vulnerabilities for Use at Sensitive Base. | SGT Report

Trust: 3.5

Fetched: March 1, 2023, 9:10 a.m., Published: Feb. 27, 2023, 3 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: mesh model: mesh
vendor: tp-link model: routers

OESIS Framework February 09, 2023 Release - OPSWAT

Trust: 4.0

Fetched: March 1, 2023, 9:10 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: ringcentral model: ringcentral
db: NVD ids: CVE-2023-0472, CVE-2023-0473, CVE-2023-0474, CVE-2022-42330, CVE-2023-22241, CVE-2023-22240, CVE-2022-42919, CVE-2023-0471, CVE-2023-22242

Hacker Tracker: February 2023 | Beyond Identity

Trust: 3.5

Fetched: March 1, 2023, 9:09 a.m., Published: Feb. 1, 2023, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: home
vendor: emsisoft model: antivirus
vendor: trend model: password manager
vendor: trend model: security
vendor: trend model: antivirus

Critical RCE Vulnerability Discovered in ClamAV Open Source Antivirus Software

Related entries in the VARIoT vulnerabilities database: VAR-202302-1452, VAR-202302-1614, VAR-202302-1598

Trust: 5.5

Fetched: March 1, 2023, 9:08 a.m., Published: Feb. 17, 2023, 5:46 a.m.
 Vulnerabilities: buffer overflow, information leak, entity injection...
Affected productsExternal IDs
vendor: google model: nexus
vendor: clamav model: clamav
vendor: cisco model: email security appliance
vendor: cisco model: web security appliance
vendor: cisco model: nexus
vendor: cisco model: management appliance
vendor: cisco model: advanced malware protection
vendor: cisco model: clamav
db: NVD ids: CVE-2023-20052, CVE-2023-20032, CVE-2023-20075, CVE-2023-20014, CVE-2023-20009

Critical RCE Vulnerability Discovered in ClamAV Open Source Antivirus Software - Parrot CTFs Blog

Related entries in the VARIoT vulnerabilities database: VAR-202302-1452

Trust: 5.75

Fetched: Feb. 26, 2023, 9:28 a.m., Published: Feb. 20, 2023, 10:58 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cisco model: clamav
vendor: clamav model: clamav
db: NVD ids: CVE-2023-20032

The right way to Protect The Devices and Accounts Out of Hackers | Rinn

Trust: 4.0

Fetched: Feb. 26, 2023, 9:27 a.m., Published: Feb. 19, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: essential model: phone

Researchers find new bug ‘class’ in Apple devices - Eternity Lab Technology

Related entries in the VARIoT vulnerabilities database: VAR-202108-1057, VAR-202302-2240, VAR-202302-2045

Trust: 4.5

Fetched: Feb. 26, 2023, 9:25 a.m., Published: Feb. 25, 2023, 3:04 p.m.
 Vulnerabilities: privilege escalation, code execution
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2021-30860, CVE-2023-23531, CVE-2023-23530

Apple Warns of 3 New Vulnerabilities Affecting iPhone, iPad, and Mac Devices - BEKER

Related entries in the VARIoT vulnerabilities database: VAR-202302-2044, VAR-202302-2240, VAR-202302-2045

Trust: 4.5

Fetched: Feb. 26, 2023, 9:24 a.m., Published: Feb. 22, 2023, 12:56 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: iphone
vendor: apple model: ipad
db: NVD ids: CVE-2023-23520, CVE-2023-23531, CVE-2023-23530

Complete list of Mac viruses, malware names and trojans | Macworld

Related entries in the VARIoT vulnerabilities database: VAR-202010-1252

Trust: 4.5

Fetched: Feb. 26, 2023, 9:23 a.m., Published: Feb. 24, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: chrome
vendor: apple model: iphone
vendor: apple model: mac os x
vendor: apple model: mac os
vendor: apple model: itunes
vendor: apple model: macos
vendor: apple model: webkit
vendor: apple model: ipad
vendor: apple model: safari
db: NVD ids: CVE-2020-9934

Apple Warns of 3 New Vulnerabilities Affecting iPhone, iPad, and Mac Devices

Related entries in the VARIoT vulnerabilities database: VAR-202302-2044, VAR-202302-2240, VAR-202302-2045

Trust: 4.75

Fetched: Feb. 26, 2023, 9:23 a.m., Published: Feb. 3, 2023, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: iphone
vendor: apple model: ipad
db: NVD ids: CVE-2023-23520, CVE-2023-23531, CVE-2023-23530

iOS 16.3. macOS 13.2 Updates Included Patches for Major Vulnerabilities Detected by Security Researcher | Technology News

Related entries in the VARIoT vulnerabilities database: VAR-202302-2240, VAR-202302-2045

Trust: 3.75

Fetched: Feb. 26, 2023, 9:22 a.m., Published: Feb. 24, 2023, 9:13 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: oneplus model: one
vendor: samsung model: mobile
vendor: samsung model: notes
vendor: apple model: macos
vendor: apple model: iphone
vendor: apple model: ipad
db: NVD ids: CVE-2023-23531, CVE-2023-23530

Apple Warns of 3 New Vulnerabilities Affecting iPhone, iPad, and Mac Devices - BU-CERT

Related entries in the VARIoT vulnerabilities database: VAR-202302-2044, VAR-202302-2240, VAR-202302-2045

Trust: 6.0

Fetched: Feb. 26, 2023, 9:22 a.m., Published: Feb. 3, 2023, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: iphone
vendor: apple model: ipad
db: NVD ids: CVE-2023-23520, CVE-2023-23531, CVE-2023-23530

Google Online Security Blog: Vulnerability Reward Program: 2022 Year in Review

Trust: 3.25

Fetched: Feb. 26, 2023, 9:21 a.m., Published: Feb. 26, 2022, midnight
 Vulnerabilities: privilege escalation, command execution, memory corruption
Affected productsExternal IDs
vendor: google model: android
vendor: google model: chrome

OpENer Exposed to Two Remote Code Execution Vulnerabilities

Trust: 5.75

Fetched: Feb. 26, 2023, 9:21 a.m., Published: Feb. 24, 2023, 9:22 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: snort model: snort
vendor: snort.org model: snort
db: NVD ids: CVE-2022-43606

eSentire | Hackers Exploit Fortinet Devices to Spread Ransomware…

Related entries in the VARIoT vulnerabilities database: VAR-202210-0198, VAR-201901-0568

Trust: 3.5

Fetched: Feb. 26, 2023, 9:17 a.m., Published: Feb. 4, 2023, midnight
 Vulnerabilities: authentication bypass, privilege escalation, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-40684, CVE-2018-13374

Cisco Patches Critical Vulnerability in Email Security Appliance - SecurityWeek

Related entries in the VARIoT vulnerabilities database: VAR-202206-1349, VAR-202206-1254, VAR-202206-1301

Trust: 4.0

Fetched: Feb. 26, 2023, 9:17 a.m., Published: June 16, 2022, 1:18 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: asyncos
vendor: cisco model: routers
vendor: cisco model: rv130
vendor: cisco model: cisco asyncos
vendor: cisco model: rv215w
vendor: cisco model: rv110w
vendor: cisco model: small business
vendor: cisco model: rv130w
vendor: cisco model: email security appliance
vendor: cisco model: asyncos software
vendor: cisco model: small business rv
db: NVD ids: CVE-2022-20664, CVE-2022-20798, CVE-2022-20825

Cisco Nexus 9000 Series Fabric Switches in ACI Mode Link Layer Discovery Protocol Memory Leak Denial of Service Vulnerability

Trust: 4.75

Fetched: Feb. 26, 2023, 9:17 a.m., Published: Feb. 22, 2023, 3:50 p.m.
 Vulnerabilities: memory leak, denial of service
Affected productsExternal IDs
vendor: cisco model: link layer discovery protocol
vendor: cisco model: cisco nexus 9000 series
vendor: cisco model: nx-os software
vendor: cisco model: series
vendor: cisco model: nx-os
vendor: cisco model: series switches
vendor: cisco model: cisco nx-os
vendor: cisco model: 1000v
vendor: cisco model: nexus 3000
vendor: cisco model: nexus
vendor: cisco model: nexus 9000 series
vendor: cisco model: nexus 9000
vendor: cisco model: nexus 1000v
vendor: cisco model: nexus 7000

Weak Security Controls and Practices Routinely Exploited for Initial Access | CISA

Trust: 3.0

Fetched: Feb. 26, 2023, 9:16 a.m., Published: Dec. 8, 2022, midnight
 Vulnerabilities: default credentials
Affected productsExternal IDs

Multiple vulnerabilities in Audiocodes Device Manager Express|黑客技术网

Trust: 3.75

Fetched: Feb. 24, 2023, 9:22 a.m., Published: Feb. 10, 2023, midnight
 Vulnerabilities: code execution, cross-site scripting, command execution...
Affected productsExternal IDs
db: NVD ids: CVE-2022-24631, CVE-2022-24629, CVE-2022-24632, CVE-2022-24630, CVE-2022-24628, CVE-2022-24627

Experts found a large new class of bugs ‘class’ in Apple devices|黑客技术网

Related entries in the VARIoT vulnerabilities database: VAR-202302-2044, VAR-202302-2240, VAR-202302-2045

Trust: 3.75

Fetched: Feb. 24, 2023, 9:21 a.m., Published: Feb. 16, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2023-23520, CVE-2023-23531, CVE-2023-23530