VARIoT latest news about IoT security

AnyDesk confirms server breach, urging password reset Trust: 4.5 Fetched: Feb. 21, 2024, 9:23 a.m., Published: Feb. 3, 2024, midnight	Vulnerabilities: security bypass, cross-site request forgery, request forgery

Affected products

External IDs

vendor:	cisco	model:	telepresence video communication server
vendor:	cisco	model:	expressway
vendor:	cisco	model:	series
vendor:	cisco	model:	telepresence
vendor:	cisco	model:	cisco expressway
vendor:	cisco	model:	cisco telepresence video communication server
vendor:	cisco	model:	expressway series
vendor:	cisco	model:	cisco telepresence

db:

NVD

ids:

CVE-2024-23832, CVE-2024-20255, CVE-2024-20254, CVE-2023-36025, CVE-2024-20252

Incorrect Access Control Vulnerability Discovered in WyreStorm's Apollo VX20 Device: What You Need to Know and Do Trust: 5.0 Fetched: Feb. 21, 2024, 9:21 a.m., Published: Feb. 1, 2024, midnight	Vulnerabilities: access control vulnerability

Affected products

External IDs

db:

NVD

ids:

CVE-2024-25735

Security Vulnerability: CVE-2023-48795 SSH prefix truncation attack (aka Terrapin Attack) \| Support \| SUSE Trust: 3.75 Fetched: Feb. 21, 2024, 9:20 a.m., Published: Feb. 24, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

proftpd

model:

proftpd

db:

NVD

ids:

CVE-2023-48795

The Ten Most Critical Wireless and Mobile Security Vulnerabilities - Help Net Security Trust: 3.5 Fetched: Feb. 20, 2024, 9:34 a.m., Published: June 29, 2006, 12:28 a.m.	Vulnerabilities: system crash, denial of service

Affected products	External IDs

Security flaws put billions of Bluetooth phones, devices at risk \| ZDNET Trust: 5.5 Fetched: Feb. 20, 2024, 9:33 a.m., Published: Feb. 3, 2024, midnight	Vulnerabilities: information leak, code execution, memory corruption

Affected products

External IDs

vendor:	apple	model:	iphone
vendor:	apple	model:	watch
vendor:	samsung	model:	mobile
vendor:	samsung	model:	galaxy
vendor:	samsung	model:	gear s3
vendor:	samsung	model:	samsung galaxy
vendor:	google	model:	android
vendor:	google	model:	pixel
vendor:	blackberry	model:	blackberry

NPort 5100A Series Serial Device Servers Vulnerability Trust: 3.0 Fetched: Feb. 20, 2024, 9:33 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	moxa	model:	nport 5100a series
vendor:	moxa	model:	nport 5100a series firmware
vendor:	moxa	model:	nport 5100a
vendor:	moxa	model:	nport

Hello Authentication Vulnerabilities Discovered: Stay Safe - Security Boulevard Trust: 3.75 Fetched: Feb. 20, 2024, 9:29 a.m., Published: Dec. 6, 2023, 7 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

lenovo

model:

thinkpad

db:

NVD

ids:

CVE-2021-34466

Critical RCE Vulnerabilities in Atlassian Products: CVE-2022-1471, CVE-2023-22522, CVE-2023-22524, and CVE-2023-22523 - SOCRadar® Cyber Intelligence Inc. Trust: 4.0 Fetched: Feb. 20, 2024, 9:28 a.m., Published: Dec. 6, 2023, 10:47 a.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2023-22523, CVE-2023-22524, CVE-2023-22522, CVE-2022-1471

Delta Electronics InfraSuite Device Master - vulnerability database \| Vulners.com Trust: 5.25 Fetched: Feb. 20, 2024, 9:27 a.m., Published: Nov. 28, 2023, noon	Vulnerabilities: code execution, path traversal

Affected products

External IDs

vendor:	trend micro	model:	security
vendor:	trend	model:	security

db:

NVD

ids:

CVE-2023-39226, CVE-2023-46690, CVE-2023-47279, CVE-2023-47207

Google fixes three Chromecast device vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-202312-2135, VAR-202312-2038, VAR-202312-1510 Trust: 3.5 Fetched: Feb. 20, 2024, 9:26 a.m., Published: Dec. 6, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	chromecast
vendor:	google	model:	android

db:

NVD

ids:

CVE-2023-6181, CVE-2023-48425, CVE-2023-48424

This Vulnerability Allows Hackers to Spy on Your Device's Camera in Real-Time, Even Through Walls Trust: 3.5 Fetched: Feb. 20, 2024, 9:18 a.m., Published: Feb. 19, 2024, 6:22 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	pixel
vendor:	google	model:	home

January 2024: Regions and Industries at Risk Trust: 4.5 Fetched: Feb. 18, 2024, 9:59 a.m., Published: Jan. 18, 2024, midnight	Vulnerabilities: service disruption

Affected products

External IDs

vendor:	cisco	model:	cisco routers
vendor:	cisco	model:	guard
vendor:	cisco	model:	routers
vendor:	trend	model:	security

db:

NVD

ids:

CVE-2024-21887, CVE-2023-46805

Understanding & Detecting PixieFail UEFI Vulnerabilities - Security Boulevard Trust: 4.0 Fetched: Feb. 18, 2024, 9:59 a.m., Published: Jan. 22, 2024, 5:13 p.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2023-45229, CVE-2023-45232, CVE-2023-45230, CVE-2023-45235, CVE-2023-45233

Security Vulnerability and Reporting Related entries in the VARIoT vulnerabilities database: VAR-202112-0562, VAR-202112-1782, VAR-202203-1506, VAR-202112-0566, VAR-202112-2011 Trust: 5.25 Fetched: Feb. 18, 2024, 9:58 a.m., Published: Feb. 2, 2024, midnight	Vulnerabilities: denial of service, privilege escalation, buffer overflow...

Affected products

External IDs

vendor:	trend micro	model:	security
vendor:	trend	model:	security

db:

NVD

ids:

CVE-2021-34994, CVE-2021-34993, CVE-2023-38545, CVE-2021-41303, CVE-2022-2274, CVE-2021-4104, CVE-2021-45046, CVE-2021-45105, CVE-2022-22965, CVE-2021-44228, CVE-2022-22963, CVE-2021-4034, CVE-2023-46604, CVE-2021-44832, CVE-2023-50164, CVE-2016-6494, CVE-2021-34996, CVE-2021-34995, CVE-2021-34997, CVE-2022-42889, CVE-2023-4863, CVE-2022-22950

System BIOS komputera Alienware Area-51m R2 \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Feb. 18, 2024, 9:58 a.m., Published: Feb. 6, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

Top Network Security Interview Questions and Answers for 2024 Trust: 3.25 Fetched: Feb. 18, 2024, 9:56 a.m., Published: Oct. 18, 2018, 12:56 p.m.	Vulnerabilities: account lockout, request forgery, cross-site request forgery

Affected products

External IDs

vendor:	cisco	model:	access points
vendor:	cisco	model:	wireless access point
vendor:	cisco	model:	routers
vendor:	essential	model:	phone

System BIOS komputera Dell Vostro 5090 \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Feb. 18, 2024, 9:56 a.m., Published: Feb. 18, 5090, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

System BIOS komputera Dell Inspiron 3502 \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Feb. 18, 2024, 9:56 a.m., Published: Feb. 18, 3502, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

Can You Connect to Z-Wave Without Hub? - ByRetreat Trust: 3.5 Fetched: Feb. 18, 2024, 9:55 a.m., Published: Jan. 28, 2024, 6:36 p.m.	Vulnerabilities: default credentials

Affected products	External IDs

System BIOS komputera Alienware Area-51m R2 \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Feb. 18, 2024, 9:54 a.m., Published: Feb. 6, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

VARIoT news about IoT security