Sign-up

VARIoT news about IoT security

System BIOS komputerów Dell Inspiron 7405 2 w 1 | Szczegóły sterownika | Dell Polska

Trust: 3.25

Fetched: Dec. 6, 2023, 9:37 a.m., Published: Feb. 6, 7405, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

Cisco Secure Client Software Denial of Service Vulnerabilities - Cisco

Trust: 5.0

Fetched: Dec. 6, 2023, 9:37 a.m., Published: Nov. 28, 2023, 7:06 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: anyconnect secure mobility client
vendor: cisco model: cisco anyconnect secure mobility client

System BIOS komputerów Dell Inspiron 7405 2 w 1 | Szczegóły sterownika | Dell Polska

Trust: 3.25

Fetched: Dec. 6, 2023, 9:37 a.m., Published: Feb. 6, 7405, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

iOS 17.1.2-Update Now Warning Issued To All iPhone Users

Trust: 3.5

Fetched: Dec. 6, 2023, 9:36 a.m., Published: Dec. 2, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: iphone
vendor: apple model: safari
db: NVD ids: CVE-2023-42917, CVE-2023-42916

Forescout Vedere Labs discloses 21 new vulnerabilities affecting OT/IoT routers - Forescout

Trust: 5.25

Fetched: Dec. 6, 2023, 9:35 a.m., Published: Dec. 5, 2023, 6:01 p.m.
 Vulnerabilities: code execution, denial of service, default credentials
Affected productsExternal IDs
vendor: sierra model: aleos
vendor: sierra wireless model: aleos
db: NVD ids: CVE-2023-40464, CVE-2023-41101, CVE-2023-40461

Security Bulletin Trellix Data Loss Prevention Endpoint for Windows 11.10 fixes one vulnerability (CVE-2023-4814)

Trust: 3.75

Fetched: Dec. 6, 2023, 9:33 a.m., Published: Dec. 11, 2023, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2023-4814

Knowledge Article View - Thales Customer Support

Related entries in the VARIoT vulnerabilities database: VAR-201404-0008, VAR-200310-0080, VAR-201409-1156, VAR-201507-0348, VAR-201808-0959, VAR-201412-0271, VAR-202112-0562, VAR-201405-0244, VAR-201410-1418, VAR-201406-0137, VAR-201801-0826, VAR-201602-0004, VAR-201601-0029, VAR-201605-0077, VAR-201406-0117, VAR-201411-0154, VAR-202203-1506, VAR-200310-0072, VAR-201504-0247, VAR-202302-0482, VAR-201605-0078, VAR-201406-0142, VAR-202112-0566, VAR-201501-0338, VAR-201805-0963, VAR-201808-0958, VAR-201406-0445, VAR-201801-1711, VAR-202302-0195, VAR-201808-0957, VAR-201501-0737, VAR-201710-0668, VAR-201801-1712

Trust: 4.25

Fetched: Dec. 6, 2023, 9:31 a.m., Published: -
 Vulnerabilities: code execution, security feature bypass, feature bypass...
Affected productsExternal IDs
vendor: gemalto model: idprime.net
vendor: gemalto model: sentinel ldk
vendor: gemalto model: sentinel ldk rte
vendor: sentinel model: ldk rte
vendor: node.js model: node.js
vendor: infineon model: rsa library
db: NVD ids: CVE-2010-5298, CVE-2017-0147, CVE-2023-38546, CVE-2021-3011, CVE-2003-0681, CVE-2017-0146, CVE-2014-6271, CVE-2016-0800, CVE-2016-0703, CVE-2015-1793, CVE-2022-3602, CVE-2015-5464, CVE-2018-3615, CVE-2015-7967, CVE-2015-7961, CVE-2008-4250, CVE-2023-29017, CVE-2022-22963, CVE-2014-8730, CVE-2021-45046, CVE-2022-4203, CVE-2014-0198, CVE-2014-3566, CVE-2014-0195, CVE-2017-5715, CVE-2015-7547, CVE-2023-38545, CVE-2018-7183, CVE-2023-0401, CVE-2016-0777, CVE-2016-2107, CVE-2014-3470, CVE-2014-6324, CVE-2022-22965, CVE-2003-0694, CVE-2015-2808, CVE-2022-4304, CVE-2016-2108, CVE-2014-0221, CVE-2021-44228, CVE-2015-0204, CVE-2023-0216, CVE-2017-3622, CVE-2018-3639, CVE-2015-7596, CVE-2018-3620, CVE-2022-22950, CVE-2023-0217, CVE-2017-11427, CVE-2022-3706, CVE-2021-4034, CVE-2017-3623, CVE-2023-0286, CVE-2015-7598, CVE-2014-0224, CVE-2017-5754, CVE-2022-4450, CVE-2023-0215, CVE-2018-8340, CVE-2009-3103, CVE-2018-3646, CVE-2015-0235, CVE-2015-0291, CVE-2017-15361, CVE-2017-5753

Weekly Vulnerability Recap - October 2, 2023 - Cloudflare DDoS Exploit

Related entries in the VARIoT vulnerabilities database: VAR-202309-2742

Trust: 5.5

Fetched: Dec. 6, 2023, 9:30 a.m., Published: Oct. 2, 2023, 8:44 p.m.
 Vulnerabilities: cross-site request forgery, directory traversal, command injection...
Affected productsExternal IDs
vendor: google model: chrome
vendor: xiaomi model: redmi
vendor: motorola model: motorola
vendor: cisco model: wan manager
vendor: cisco model: sd-wan vmanage
vendor: cisco model: sd-wan
vendor: cisco model: ios xe
vendor: cisco model: catalyst
vendor: cisco model: cisco ios
vendor: samsung model: galaxy
vendor: samsung model: mobile
vendor: samsung model: mobile phones
vendor: samsung model: samsung galaxy
db: NVD ids: CVE-2023-42115, CVE-2023-5217, CVE-2023-20252, CVE-2023-40044, CVE-2023-24955, CVE-2023-29357

About the security content of iOS 16.7.2 and iPadOS 16.7.2 - Apple Support

Trust: 5.25

Fetched: Dec. 6, 2023, 9:30 a.m., Published: July 16, 2002, midnight
 Vulnerabilities: code execution, user interface issue
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: ipad air
vendor: apple model: safari
vendor: apple model: mdnsresponder
vendor: apple model: iphone
vendor: apple model: ipad
db: NVD ids: CVE-2023-40449, CVE-2023-32359, CVE-2023-41983, CVE-2023-42846, CVE-2023-42849, CVE-2023-40408, CVE-2023-40446, CVE-2023-41977, CVE-2023-40423, CVE-2023-41254, CVE-2023-42852, CVE-2023-40447, CVE-2023-40413, CVE-2023-41976, CVE-2023-40416, CVE-2023-41997, CVE-2023-42841, CVE-2023-41982

Apple issues emergency patches for 3 zero-day bugs | TechTarget

Trust: 3.75

Fetched: Dec. 6, 2023, 9:29 a.m., Published: Sept. 22, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: ipad air
vendor: apple model: iphone
vendor: apple model: ipad
db: NVD ids: CVE-2023-41992, CVE-2023-41991, CVE-2023-41061, CVE-2023-41993, CVE-2023-41064

Cisco IOS XE zero-day facing mass exploitation | TechTarget

Trust: 3.75

Fetched: Dec. 6, 2023, 9:29 a.m., Published: Oct. 17, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: ios xe
vendor: cisco model: ios xe software
vendor: cisco model: cisco ios xe
vendor: cisco model: cisco ios
db: NVD ids: CVE-2023-20198

Cisco Discloses ‘Critical’ Zero-Day Vulnerability In IOS XE | CRN

Trust: 6.25

Fetched: Dec. 6, 2023, 9:29 a.m., Published: Oct. 16, 2023, 12:33 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: cisco model: ios xe
db: NVD ids: CVE-2023-20198

Android Security Update: Android users, Google wants you to download this security update right away

Trust: 3.0

Fetched: Dec. 6, 2023, 9:28 a.m., Published: Dec. 5, 2023, 3:37 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

All About Common Vulnerabilities and Exposures (CVEs)

Trust: 3.5

Fetched: Dec. 6, 2023, 9:27 a.m., Published: Oct. 5, 2023, 10:18 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: chrome
vendor: cisco model: series
db: NVD ids: CVE-2023-4863, CVE-2023-4077, CVE-2021-44189

Android Security Paper 2023: An update on mobile protections

Trust: 3.0

Fetched: Dec. 6, 2023, 9:27 a.m., Published: Oct. 17, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

What to Know about Cisco Duo Windows App Vulnerability | Community

Trust: 4.75

Fetched: Dec. 6, 2023, 9:26 a.m., Published: Dec. 3, 2023, midnight
 Vulnerabilities: directory traversal
Affected productsExternal IDs
db: NVD ids: CVE-2023-20229

All You Need to Know About Android App Vulnerability: Improper Platform Usage - Astra Security Blog

Trust: 3.75

Fetched: Dec. 6, 2023, 9:25 a.m., Published: Sept. 26, 2023, 1:35 p.m.
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs

NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations | CISA

Related entries in the VARIoT vulnerabilities database: VAR-202108-1914, VAR-202112-0566

Trust: 5.25

Fetched: Dec. 6, 2023, 9:22 a.m., Published: Dec. 10, 2023, midnight
 Vulnerabilities: code execution, credential disclosure, password disclosure...
Affected productsExternal IDs
vendor: trend model: security
vendor: essential model: phone
db: NVD ids: CVE-2019-18935, CVE-2021-36942, CVE-2022-24682, CVE-2021-44228, CVE-2022-37042, CVE-2022-27925, CVE-2022-30333, CVE-2022-27924

What Measure Should Be Taken To Secure IoT Devices? | Robots.net

Trust: 3.75

Fetched: Dec. 6, 2023, 9:19 a.m., Published: Sept. 16, 2023, 12:01 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs

Hello Authentication Vulnerabilities Discovered: Stay Safe

Trust: 3.75

Fetched: Dec. 6, 2023, 9:19 a.m., Published: Dec. 1, 2023, 1:34 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: lenovo model: thinkpad
db: NVD ids: CVE-2021-34466