VARIoT latest news about IoT security

Minimizing Risk Between a Zero-Day Attack and the OS Patch Trust: 3.5 Fetched: Dec. 1, 2023, 9:06 a.m., Published: Nov. 28, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	blackberry	model:	smartphone
vendor:	blackberry	model:	curve
vendor:	blackberry	model:	blackberry

Bluetooth security flaws allow hijacked connections on all modern devices Trust: 3.75 Fetched: Dec. 1, 2023, 9:05 a.m., Published: Nov. 29, 2023, 2:42 p.m.	Vulnerabilities: device impersonation

Affected products	External IDs

Zyxel Releases Patches to Fix 15 Flaws in NAS, Firewall, and AP Devices Trust: 5.75 Fetched: Dec. 1, 2023, 9:05 a.m., Published: Dec. 1, 2023, 6:22 a.m.	Vulnerabilities: authentication bypass, command injection

Affected products

External IDs

vendor:	zyxel	model:	nas542
vendor:	zyxel	model:	nas326

db:

NVD

ids:

CVE-2023-37927, CVE-2023-4473, CVE-2023-35138, CVE-2023-37928, CVE-2023-4474, CVE-2023-35137

Weak session keys let snoops eavesdrop on Bluetooth traffic • The Register Trust: 4.75 Fetched: Dec. 1, 2023, 9:04 a.m., Published: -	Vulnerabilities: device impersonation

Affected products

External IDs

vendor:	lenovo	model:	system
vendor:	lenovo	model:	thinkpad

db:

NVD

ids:

CVE-2023-24023

Cybersecurity vulnerability analysis of medical devices purchased by national health services - PMC Related entries in the VARIoT vulnerabilities database: VAR-201808-0370, VAR-201703-1246, VAR-201802-0484, VAR-202108-1299, VAR-202008-0248 Trust: 4.5 Fetched: Dec. 1, 2023, 9:03 a.m., Published: Dec. 1, 2023, midnight	Vulnerabilities: cross-site scripting, sql injection

Affected products

External IDs

vendor:

trend

model:

security

db:

NVD

ids:

CVE-2018-14781, CVE-2017-7269, CVE-2017-12725, CVE-2019-3463, CVE-2021-33882, CVE-2020-1472

IBM identifies zero-day vulnerability in Zyxel NAS devices Trust: 5.25 Fetched: Dec. 1, 2023, 9:01 a.m., Published: Nov. 30, 2023, midnight	Vulnerabilities: authentication bypass, code execution, command injection

Affected products

External IDs

vendor:	zyxel	model:	nas 326
vendor:	zyxel	model:	nas 326 firmware
vendor:	zyxel	model:	nas540
vendor:	zyxel	model:	nas542
vendor:	zyxel	model:	nas326

db:

NVD

ids:

CVE-2023-27992, CVE-2023-4473

Zyxel security advisory for multiple vulnerabilities in firewalls and APs \| Zyxel Networks Trust: 4.5 Fetched: Nov. 29, 2023, 9:16 a.m., Published: Nov. 7, 2023, midnight	Vulnerabilities: buffer overflow, privilege management vulnerability, cross-site scripting...

Affected products

External IDs

db:

NVD

ids:

CVE-2023-5960, CVE-2023-35139, CVE-2023-4398, CVE-2023-35136, CVE-2023-37926, CVE-2023-5797, CVE-2023-37925, CVE-2023-5650, CVE-2023-4397

System BIOS w wersji R5 do komputerów Alienware m15 \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Nov. 29, 2023, 9:15 a.m., Published: Nov. 10, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

System BIOS w wersji R5 do komputerów Alienware m15 \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Nov. 29, 2023, 9:15 a.m., Published: Nov. 10, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

Franklin Electric Fueling Systems Colibri \| CISA Trust: 4.75 Fetched: Nov. 29, 2023, 9:13 a.m., Published: Nov. 1, 2023, midnight	Vulnerabilities: path traversal

Affected products

External IDs

db:

NVD

ids:

CVE-2023-5885

How to Use Shodan to Find Vulnerabilities Trust: 3.0 Fetched: Nov. 29, 2023, 9:12 a.m., Published: Nov. 22, 2023, 2:01 p.m.	Vulnerabilities: default credentials

Affected products	External IDs

Delta Electronics InfraSuite Device Master \| CISA Trust: 5.25 Fetched: Nov. 29, 2023, 9:09 a.m., Published: Nov. 1, 2023, midnight	Vulnerabilities: path traversal, code execution

Affected products

External IDs

vendor:	trend	model:	security
vendor:	trend micro	model:	security

db:

NVD

ids:

CVE-2023-47279, CVE-2023-47207, CVE-2023-39226, CVE-2023-46690

System BIOS komputera Dell Precision 3640 w obudowie typu tower \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Nov. 28, 2023, 9:49 a.m., Published: Nov. 28, 3640, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

NetScaler Issues Warning to End Sessions Amid Citrix Bleed Exploits \| CyberSecurity SEE Trust: 3.5 Fetched: Nov. 28, 2023, 9:48 a.m., Published: Nov. 21, 2023, 4:13 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	citrix	model:	application delivery controller
vendor:	citrix	model:	netscaler adc
vendor:	citrix	model:	netscaler
vendor:	citrix	model:	gateway
vendor:	citrix	model:	netscaler application delivery controller

db:

NVD

ids:

CVE-2023-4966

Patch Management for Vulnerabilities \| WatchGuard Technologies Related entries in the VARIoT vulnerabilities database: VAR-202107-1170, VAR-202112-0566, VAR-202203-1921, VAR-202106-1536, VAR-202205-1958, VAR-202009-1172, VAR-202008-0248, VAR-202107-1357, VAR-202106-1708, VAR-202107-1010, VAR-202110-1687, VAR-202205-0799, VAR-202102-0786, VAR-202104-1341 Trust: 5.25 Fetched: Nov. 28, 2023, 9:44 a.m., Published: Nov. 19, 2023, midnight	Vulnerabilities: buffer overflow, information disclosure, code execution...

Affected products

External IDs

vendor:	apple	model:	watchos
vendor:	apple	model:	tvos
vendor:	apple	model:	macos
vendor:	apple	model:	safari
vendor:	citrix	model:	application delivery controller
vendor:	citrix	model:	gateway
vendor:	citrix	model:	sd-wan wanop
vendor:	citrix	model:	sd-wan
vendor:	google	model:	google chrome
vendor:	google	model:	chrome
vendor:	cisco	model:	cisco jabber
vendor:	cisco	model:	router
vendor:	cisco	model:	sd-wan
vendor:	cisco	model:	jabber

db:

NVD

ids:

CVE-2021-33771, CVE-2021-28481, CVE-2021-21148, CVE-2021-42292, CVE-2019-1181, CVE-2020-0642, CVE-2021-38003, CVE-2021-44228, CVE-2022-1096, CVE-2021-33739, CVE-2022-0609, CVE-2019-1182, CVE-2017-0146, CVE-2021-31168, CVE-2021-31165, CVE-2020-16898, CVE-2021-28480, CVE-2020-1181, CVE-2021-26855, CVE-2021-31167, CVE-2020-27955, CVE-2023-37450, CVE-2018-4878, CVE-2023-36802, CVE-2023-41993, CVE-2023-41990, CVE-2019-16452, CVE-2019-0708, CVE-2021-38000, CVE-2023-29336, CVE-2020-3947, CVE-2023-36874, CVE-2022-30190, CVE-2020-3495, CVE-2021-17095, CVE-2017-0143, CVE-2023-2033, CVE-2020-17087, CVE-2023-36884, CVE-2023-4863, CVE-2020-1472, CVE-2021-31169, CVE-2017-0144, CVE-2021-31979, CVE-2020-16875, CVE-2021-34514, CVE-2020-1054, CVE-2020-0665, CVE-2021-31956, CVE-2021-26868, CVE-2021-34527, CVE-2019-0604, CVE-2019-1226, CVE-2023-28252, CVE-2020-0609, CVE-2021-40449, CVE-2023-32439, CVE-2023-32409, CVE-2020-6457, CVE-2019-0797, CVE-2022-26925, CVE-2020-17136, CVE-2023-2136, CVE-2022-4262, CVE-2023-32434, CVE-2020-1048, CVE-2023-32435, CVE-2021-27072, CVE-2020-1143, CVE-2021-21193, CVE-2023-4762, CVE-2017-0148, CVE-2020-3941, CVE-2020-1206, CVE-2020-3765, CVE-2022-4135, CVE-2023-5217, CVE-2020-1163, CVE-2021-42321, CVE-2021-26858, CVE-2017-0145, CVE-2019-19781, CVE-2020-12388, CVE-2020-0674, CVE-2023-21823, CVE-2020-0986, CVE-2023-32373, CVE-2020-1170, CVE-2020-1350, CVE-2020-0796, CVE-2021-28482, CVE-2019-1222, CVE-2021-33742, CVE-2023-23376, CVE-2021-1647, CVE-2023-32046, CVE-2023-21674, CVE-2021-21017, CVE-2021-1732, CVE-2021-28310, CVE-2021-28483, CVE-2020-15999, CVE-2021-30563, CVE-2023-46604, CVE-2019-0808, CVE-2020-1013, CVE-2023-26369, CVE-2023-21768, CVE-2021-26857, CVE-2023-3079, CVE-2020-0787, CVE-2020-17051, CVE-2021-31208, CVE-2020-0688, CVE-2023-28206, CVE-2021-21166, CVE-2021-26411, CVE-2023-41064, CVE-2021-27065

System BIOS dla komputerów Dell Inspiron 3585 i 3785 \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Nov. 28, 2023, 9:35 a.m., Published: Nov. 28, 3585, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

System BIOS komputera Dell G15 5515 \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Nov. 28, 2023, 9:34 a.m., Published: Nov. 14, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

System BIOS komputera Dell G15 5515 \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Nov. 28, 2023, 9:32 a.m., Published: Nov. 14, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

Realtek High Definition Audio Driver \| Szczegóły sterownika \| Dell Polska Trust: 3.0 Fetched: Nov. 28, 2023, 9:32 a.m., Published: Nov. 14, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

realtek

model:

audio driver

Realtek High Definition Audio Driver \| Szczegóły sterownika \| Dell Polska Trust: 3.0 Fetched: Nov. 28, 2023, 9:31 a.m., Published: Nov. 14, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

realtek

model:

audio driver

VARIoT news about IoT security