Sign-up

VARIoT news about IoT security

Apple Releases First Important Security Updates of 2024 - iOS 17.3 Patches First Zero-Day of the Year

Trust: 5.75

Fetched: Jan. 26, 2024, 9:51 a.m., Published: Jan. 26, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: tvos
vendor: apple model: iphone
vendor: apple model: watchos
vendor: apple model: apple tv
vendor: apple model: webkit
vendor: apple model: watch
db: NVD ids: CVE-2024-23222

WARNING: NEW REMOTE CODE EXECUTION VULNERABILITY IN MULTIPLE CISCO PRODUCTS, PATCH IMMEDIATELY! | Cert

Trust: 5.25

Fetched: Jan. 26, 2024, 9:39 a.m., Published: Jan. 25, 2024, 5:13 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-20253

Cisco Small Business Series Switches Stacked Reload ACL Bypass Vulnerability

Trust: 3.0

Fetched: Jan. 26, 2024, 9:37 a.m., Published: Jan. 24, 2024, 3:52 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: series managed switches
vendor: cisco model: small business
vendor: cisco model: series stackable managed switches
vendor: cisco model: series
vendor: cisco model: small business series
vendor: cisco model: series switches
vendor: cisco model: cisco small business
vendor: cisco model: small business series switches
vendor: cisco model: series smart switches

How to lock out your ex-partner from your smart home | Malwarebytes

Trust: 3.5

Fetched: Jan. 26, 2024, 9:32 a.m., Published: Jan. 24, 2024, 2:55 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home
vendor: google model: android

Best Wordpress Security & Vulnerability Scanners In 2024 [LIST]

Trust: 5.5

Fetched: Jan. 26, 2024, 9:30 a.m., Published: July 26, 2021, 11:40 a.m.
 Vulnerabilities: code injection, sql injection, header injection...
Affected productsExternal IDs
vendor: trend model: security

CSA urge Apple users to urgently update their device software to prevent hacker attacks - Singapore News

Trust: 5.0

Fetched: Jan. 26, 2024, 9:24 a.m., Published: Jan. 24, 2024, 9:40 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: ipad
vendor: apple model: webkit
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: apple tv
vendor: apple model: tvos
vendor: apple model: ipad air
db: NVD ids: CVE-2024-23222

Apple patches 1st in-the-wild exploited bug of 2024 in macOS Sonoma 14.3, iOS 17.3 and more - The Mac Security Blog

Trust: 3.25

Fetched: Jan. 26, 2024, 9:17 a.m., Published: Jan. 25, 2024, 7:44 a.m.
 Vulnerabilities: memory corruption, code execution, authentication issue
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: ipad
vendor: apple model: macbook
vendor: apple model: macbook pro
vendor: apple model: webkit
vendor: apple model: icloud
vendor: apple model: iphone
vendor: apple model: imac
vendor: apple model: safari
vendor: apple model: apple tv
vendor: apple model: tvos
vendor: apple model: watchos
vendor: apple model: ipod touch
vendor: apple model: watch
vendor: apple model: ipad air

Why You Need a Data-Driven Approach to Vulnerability Management | MSSP Alert

Trust: 3.5

Fetched: Jan. 26, 2024, 9:16 a.m., Published: Jan. 24, 2024, 7 p.m.
 Vulnerabilities: information exposure
Affected productsExternal IDs
vendor: trend model: antivirus
vendor: trend model: security

Update now! Apple releases patch for zero-day vulnerability | Malwarebytes

Trust: 5.0

Fetched: Jan. 26, 2024, 9:16 a.m., Published: Jan. 24, 2024, 10:37 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: ipad
vendor: apple model: webkit
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: apple tv
vendor: apple model: tvos
vendor: apple model: ipod touch
vendor: apple model: watch
vendor: apple model: ipad air
db: NVD ids: CVE-2024-23222

Android 'API breaking' vulnerability leaks device data, allows user tracking | ZDNET

Trust: 5.5

Fetched: Jan. 26, 2024, 9:14 a.m., Published: Jan. 3, 2024, midnight
 Vulnerabilities: information disclosure
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: wifi
vendor: google model: android
db: NVD ids: CVE-2018-9489

Apple iOS < 17.3 Multiple Vulnerabilities (HT214059) | Tenable®

Trust: 3.0

Fetched: Jan. 24, 2024, 10:15 a.m., Published: Jan. 17, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-23211, CVE-2024-23215, CVE-2024-23219, CVE-2024-23214, CVE-2024-23222, CVE-2024-23206, CVE-2024-23204, CVE-2024-23207, CVE-2024-23210, CVE-2024-23223, CVE-2024-23208, CVE-2024-23213, CVE-2024-23218, CVE-2024-23217, CVE-2024-23212, CVE-2024-23203

Apple Addresses First Zero-Day Exploit of the Year Impacting Multiple Devices - VULNERA

Trust: 5.0

Fetched: Jan. 24, 2024, 10:09 a.m., Published: Jan. 22, 2024, 7:20 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: ipad
vendor: apple model: macos
vendor: apple model: iphone
vendor: apple model: tvos
db: NVD ids: CVE-2023-42917, CVE-2024-23222, CVE-2023-42916

Apple fixes actively exploited WebKit zero-day (CVE-2024-23222) - Help Net Security

Trust: 5.0

Fetched: Jan. 24, 2024, 10:09 a.m., Published: Jan. 23, 2024, 11:35 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: ipad
vendor: apple model: safari
vendor: apple model: watch
vendor: apple model: tvos
vendor: apple model: apple tv
vendor: apple model: iphone
vendor: apple model: watchos
vendor: apple model: ipad air
vendor: apple model: macos
db: NVD ids: CVE-2023-42917, CVE-2024-23222, CVE-2023-42916

System BIOS komputera Dell XPS 13 9310 | Szczegóły sterownika | Dell Polska

Trust: 3.25

Fetched: Jan. 24, 2024, 10:09 a.m., Published: Jan. 16, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

System BIOS komputerów Dell Inspiron 5400/5401/7700 AIO | Szczegóły sterownika | Dell Polska

Trust: 3.25

Fetched: Jan. 24, 2024, 10:03 a.m., Published: Jan. 17, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

Alienware Aurora R15 AMD System BIOS | Szczegóły sterownika | Dell Polska

Trust: 3.25

Fetched: Jan. 24, 2024, 10:03 a.m., Published: Jan. 24, 2024, 3 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

Alienware Aurora R15 AMD System BIOS | Szczegóły sterownika | Dell Polska

Trust: 3.25

Fetched: Jan. 24, 2024, 10:03 a.m., Published: Jan. 24, 2024, 3 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

New Security Updates Fix First Apple Zero-Day Vulnerability of the Year - Lansweeper

Trust: 4.75

Fetched: Jan. 24, 2024, 10:03 a.m., Published: Feb. 15, 2023, 7:39 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: ipad
vendor: apple model: safari
vendor: apple model: watch
vendor: apple model: tvos
vendor: apple model: apple tv
vendor: apple model: ipod touch
vendor: apple model: iphone
vendor: apple model: watchos
vendor: apple model: ipad air
vendor: apple model: macos
db: NVD ids: CVE-2024-23222

24-005 (January 23, 2024) - Threat Encyclopedia

Trust: 4.5

Fetched: Jan. 24, 2024, 9:57 a.m., Published: Jan. 23, 2024, midnight
 Vulnerabilities: code injection, command injection, cross-site scripting...
Affected productsExternal IDs
vendor: trend micro model: security
vendor: trend model: security
db: NVD ids: CVE-2023-52328, CVE-2023-22274, CVE-2023-36812, CVE-2023-46731, CVE-2023-25826, CVE-2023-43661, CVE-2023-52330, CVE-2023-6553, CVE-2023-52327, CVE-2023-22527, CVE-2023-22275, CVE-2023-38886

Cisco SD-WAN Solution Improper Access Control Vulnerability

Trust: 4.75

Fetched: Jan. 24, 2024, 9:52 a.m., Published: Jan. 23, 2024, 9:31 p.m.
 Vulnerabilities: improper access control, access control vulnerability
Affected productsExternal IDs
vendor: cisco model: cisco sd-wan
vendor: cisco model: sd-wan solution
vendor: cisco model: sd-wan