Sign-up

VARIoT news about IoT security

Security Vulnerability in KYOCERA Device Manager

Trust: 3.25

Fetched: Feb. 2, 2024, 9:43 a.m., Published: Nov. 1, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-50916

Kyocera Device Manager Vulnerability Exposes Enterprise Credentials | Hack Dojo

Trust: 4.25

Fetched: Feb. 2, 2024, 9:43 a.m., Published: Jan. 10, 2024, midnight
 Vulnerabilities: input validation flaw
Affected productsExternal IDs
db: NVD ids: CVE-2023-50916

How Vulnerability Scanners Can Secure Your Network

Trust: 3.0

Fetched: Feb. 2, 2024, 9:41 a.m., Published: Feb. 3, 2024, midnight
 Vulnerabilities: sql injection, cross-site scripting
Affected productsExternal IDs

Citrix Bleed: CVE-2023-4966 Vulnerability Analysis and Exploitation | by CYFIRMA | Medium

Trust: 3.5

Fetched: Feb. 2, 2024, 9:39 a.m., Published: Nov. 24, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: citrix model: netscaler adc
vendor: citrix model: gateway
vendor: citrix model: netscaler
db: NVD ids: CVE-2023-4966

How to fix CVE-2024-20253 in Cisco products | Vulcan Cyber

Trust: 5.75

Fetched: Feb. 2, 2024, 9:38 a.m., Published: Jan. 28, 2024, 12:38 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cisco model: hosted collaboration mediation fulfillment
vendor: cisco model: prime collaboration deployment
vendor: cisco model: prime license manager
vendor: cisco model: prime collaboration
vendor: cisco model: unity connection
vendor: cisco model: unified contact center express
vendor: cisco model: packaged contact center enterprise
vendor: cisco model: virtualized voice browser
vendor: cisco model: socialminer
vendor: cisco model: unified communications manager
vendor: cisco model: unity
vendor: cisco model: unified communications manager im & presence service
vendor: cisco model: unified intelligence center
vendor: cisco model: cisco unified communications manager
vendor: cisco model: finesse
vendor: cisco model: unified communications
vendor: cisco model: emergency responder
vendor: cisco model: unified contact center enterprise
vendor: cisco model: unified communications manager session management edition
vendor: cisco model: customer voice portal
db: NVD ids: CVE-2024-20253

Update now! Chrome fixes actively exploited zero-day vulnerability | Malwarebytes

Trust: 5.0

Fetched: Feb. 2, 2024, 9:37 a.m., Published: Nov. 29, 2023, 11 p.m.
 Vulnerabilities: integer overflow
Affected productsExternal IDs
vendor: google model: google chrome
vendor: google model: android
vendor: google model: chrome
db: NVD ids: CVE-2023-6345

Critical Android Vulnerabilities Alert: CERT-IN's Warning For Indian Users

Trust: 3.5

Fetched: Feb. 2, 2024, 9:32 a.m., Published: Nov. 15, 2023, 8:31 a.m.
 Vulnerabilities: privilege escalation, code execution
Affected productsExternal IDs
vendor: samsung model: mobile
vendor: google model: android

12 Best Penetration Testing Tools in 2024 (Feature Comparison)

Trust: 5.75

Fetched: Feb. 2, 2024, 9:27 a.m., Published: Dec. 15, 2023, 8:31 p.m.
 Vulnerabilities: sql injection
Affected productsExternal IDs
vendor: wireshark model: wireshark

Introduction to Cybersecurity: My Knowledge Check Answers

Trust: 3.25

Fetched: Feb. 2, 2024, 9:26 a.m., Published: Nov. 13, 2023, 9:02 a.m.
 Vulnerabilities: buffer overflow, privilege escalation, brute force attack...
Affected productsExternal IDs
vendor: palo alto networks model: firewall
vendor: palo alto networks model: networks
vendor: cisco model: series
vendor: cisco model: meeting
vendor: palo model: firewall
vendor: palo model: networks

Public Release of Exploit for Android Privilege Elevation Flaw Affecting Multiple OEMs (CVE-2023-45779) - OP INNOVATE

Trust: 5.75

Fetched: Feb. 2, 2024, 9:25 a.m., Published: Feb. 1, 2024, 11:16 a.m.
 Vulnerabilities: privilege elevation
Affected productsExternal IDs
vendor: asus model: asus
vendor: nokia model: impact
vendor: google model: android
vendor: lenovo model: system
vendor: lenovo model: updates
vendor: motorola model: android
vendor: motorola model: motorola
db: NVD ids: CVE-2023-45779

Networking Essentials 2.0 Practice Final Exam Answers

Trust: 4.5

Fetched: Feb. 2, 2024, 9:17 a.m., Published: Nov. 23, 2023, 7:59 a.m.
 Vulnerabilities: brute force attack
Affected productsExternal IDs
vendor: trend model: security
vendor: cisco model: router
vendor: cisco model: access points
vendor: cisco model: routers
vendor: cisco model: wireless access point

U.S. Agencies Must Disconnect Ivanti VPN Devices Amid ‘Substantial Threat’: CISA

Trust: 4.75

Fetched: Feb. 2, 2024, 9:14 a.m., Published: Feb. 1, 2024, 12:04 p.m.
 Vulnerabilities: request forgery, command injection, authentication bypass
Affected productsExternal IDs
vendor: google model: nexus
db: NVD ids: CVE-2024-21893, CVE-2023-46805, CVE-2024-21887

Updated: New Software Updates and Mitigations to Defend Against Exploitation of Ivanti Connect Secure and Policy Secure Gateways | CISA

Trust: 3.0

Fetched: Feb. 2, 2024, 9:09 a.m., Published: Feb. 2, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-21893, CVE-2023-46805, CVE-2024-21887, CVE-2024-21888

Distributed Energy Generation Gateway (In)Security - Security News - Trend Micro MY

Trust: 4.75

Fetched: Jan. 31, 2024, 9:34 a.m., Published: -
 Vulnerabilities: default password
Affected productsExternal IDs
vendor: trend micro model: security
vendor: trend model: security
vendor: enphase model: envoy

Offensive Security Significance for Proactive Defense

Trust: 3.5

Fetched: Jan. 31, 2024, 9:33 a.m., Published: Jan. 24, 2024, 1:26 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: palo model: firewall
vendor: palo model: networks
vendor: palo alto networks model: firewall
vendor: palo alto networks model: networks
vendor: check point model: check point
vendor: check point model: endpoint security
vendor: check point software technologies model: check point
vendor: check point software technologies model: endpoint security
vendor: blackberry model: blackberry
vendor: blackberry model: playbook
vendor: symantec model: antivirus
vendor: symantec model: endpoint protection
vendor: symantec model: advanced threat protection

Tenda A15 deviceList Parameter Buffer Overflow Vulnerability - vulnerability database | Vulners.com

Trust: 3.0

Fetched: Jan. 31, 2024, 9:29 a.m., Published: Jan. 24, 2024, midnight
 Vulnerabilities: denial of service, buffer overflow
Affected productsExternal IDs

Security Advisory

Trust: 3.75

Fetched: Jan. 31, 2024, 9:25 a.m., Published: -
 Vulnerabilities: denial of service, buffer overflow
Affected productsExternal IDs
vendor: sonicwall model: sonicosv
vendor: sonicwall model: sonicos

Weekly Vulnerability Recap 1/22/24: Chrome, Ivanti, & Citrix

Related entries in the VARIoT vulnerabilities database: VAR-202401-1629, VAR-202401-2573

Trust: 5.25

Fetched: Jan. 31, 2024, 9:24 a.m., Published: Jan. 22, 2024, 10:42 p.m.
 Vulnerabilities: session hijacking, code execution, authentication bypass
Affected productsExternal IDs
vendor: citrix model: gateway
vendor: citrix model: netscaler gateway
vendor: citrix model: netscaler
vendor: citrix model: netscaler adc
vendor: google model: chrome
db: NVD ids: CVE-2023-6549, CVE-2023-6548

Qualcomm Discloses High Severity Vulnerability, CVE-2023-33025

Related entries in the VARIoT vulnerabilities database: VAR-202401-0655

Trust: 5.5

Fetched: Jan. 31, 2024, 9:24 a.m., Published: Jan. 2, 2024, 10:21 p.m.
 Vulnerabilities: memory corruption, code execution, buffer overflow
Affected productsExternal IDs
vendor: samsung model: samsung galaxy
vendor: samsung model: mobile devices
vendor: samsung model: galaxy
vendor: samsung model: mobile
vendor: huawei model: huawei
vendor: huawei model: nova
vendor: motorola model: motorola
db: NVD ids: CVE-2023-33030, CVE-2023-33032, CVE-2023-33036, CVE-2023-33025

Penetration Testing Today: How It Works & Why You Need It | Splunk

Trust: 3.5

Fetched: Jan. 31, 2024, 9:22 a.m., Published: Jan. 25, 2024, 7:34 p.m.
 Vulnerabilities: sql injection, cross-site scripting, request forgery...
Affected productsExternal IDs
vendor: wireshark model: wireshark