VARIoT latest news about IoT security

Maximize Your Vulnerability Scan Value with Authenticated Scanning - Blog \| Tenable® Trust: 3.5 Fetched: Feb. 28, 2024, 9:27 a.m., Published: Nov. 30, 2023, 1:55 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	barracuda	model:	barracuda
vendor:	trend	model:	security
vendor:	trend	model:	internet security

db:

NVD

ids:

CVE-2023-2868

November 2023 Web Application Vulnerabilities Released \| Qualys Notifications Trust: 5.25 Fetched: Feb. 28, 2024, 9:26 a.m., Published: Nov. 30, 2023, 3:53 p.m.	Vulnerabilities: request forgery, command execution, directory traversal...

Affected products

External IDs

vendor:	cisco systems	model:	ios xe
vendor:	cisco systems	model:	information server
vendor:	cisco systems	model:	series
vendor:	cisco systems	model:	cisco ios xe
vendor:	cisco systems	model:	cisco ios
vendor:	barracuda	model:	barracuda
vendor:	ipswitch	model:	ws_ftp
vendor:	ipswitch	model:	ws_ftp server
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	information server
vendor:	cisco	model:	series
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	cisco ios

db:

NVD

ids:

CVE-2023-44352, CVE-2023-41339, CVE-2023-20198, CVE-2023-4822, CVE-2023-44351, CVE-2023-43795, CVE-2023-22518, CVE-2023-26347, CVE-2023-40044, CVE-2023-3042, CVE-2023-44353, CVE-2023-44355, CVE-2023-6063, CVE-2023-44350, CVE-2023-46214, CVE-2023-40045, CVE-2023-42657, CVE-2023-22515, CVE-2023-46819, CVE-2023-2868, CVE-2023-36845

Microsoft’s December 2023 Patch Tuesday Addresses 33 CVEs (CVE-2023-36019) - Blog \| Tenable® Trust: 4.75 Fetched: Feb. 28, 2024, 9:26 a.m., Published: Dec. 12, 2023, 7:02 p.m.	Vulnerabilities: cross-site scripting, code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2023-36036, CVE-2023-35630, CVE-2023-35628, CVE-2023-36019, CVE-2023-36696, CVE-2023-20588, CVE-2023-35641

Be Careful with Audio on Your Device: A Vulnerability in Audio Could Allow Hackers Access Trust: 3.25 Fetched: Feb. 28, 2024, 9:25 a.m., Published: Dec. 27, 2023, 4:01 a.m.	Vulnerabilities: memory corruption

Affected products

External IDs

db:

NVD

ids:

CVE-2023-21672

Microsoft’s January 2024 Patch Tuesday Addresses 48 CVEs (CVE-2024-20674) - Blog \| Tenable® Trust: 4.75 Fetched: Feb. 28, 2024, 9:25 a.m., Published: Jan. 9, 2024, 7:04 p.m.	Vulnerabilities: information disclosure, code execution, security feature bypass...

Affected products

External IDs

db:

NVD

ids:

CVE-2024-20698, CVE-2023-29336, CVE-2023-36036, CVE-2024-20653, CVE-2024-21310, CVE-2024-20683, CVE-2022-35737, CVE-2024-20686, CVE-2023-24955, CVE-2024-21318, CVE-2023-29357, CVE-2024-20674

Millions of Routers at Risk: CVE-2024-21833 Threatens TP-Link Devices Related entries in the VARIoT vulnerabilities database: VAR-202309-2445 Trust: 4.5 Fetched: Feb. 27, 2024, 9:23 a.m., Published: Feb. 1, 2024, 9:43 a.m.	Vulnerabilities: os command injection, command injection

Affected products

External IDs

vendor:	d-link	model:	dir-806
vendor:	d-link	model:	router
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	router
vendor:	cisco	model:	routers
vendor:	cisco	model:	cisco ios
vendor:	trend	model:	security
vendor:	tp-link	model:	routers

db:

NVD

ids:

CVE-2023-20198, CVE-2021-27860, CVE-2023-43128, CVE-2024-21833

January 2024: Key Threat Actors, Malware and Exploited Vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-202401-1629, VAR-202110-1691, VAR-202401-2573 Trust: 5.25 Fetched: Feb. 27, 2024, 9:22 a.m., Published: Jan. 27, 2024, midnight	Vulnerabilities: authentication bypass, code execution, path traversal...

Affected products

External IDs

vendor:	trend micro	model:	security
vendor:	citrix	model:	netscaler gateway
vendor:	citrix	model:	netscaler adc
vendor:	citrix	model:	application delivery controller
vendor:	citrix	model:	netscaler application delivery controller
vendor:	citrix	model:	netscaler
vendor:	citrix	model:	gateway
vendor:	cisco	model:	unified communications manager
vendor:	cisco	model:	netscaler gateway
vendor:	cisco	model:	unified communications
vendor:	cisco	model:	unified contact center express
vendor:	cisco	model:	unity
vendor:	cisco	model:	unified communications manager session management edition
vendor:	cisco	model:	h
vendor:	cisco	model:	unified communications manager im & presence service
vendor:	cisco	model:	cisco unified communications manager
vendor:	cisco	model:	routers
vendor:	cisco	model:	unity connection
vendor:	cisco	model:	virtualized voice browser
vendor:	trend	model:	security
vendor:	trendmicro	model:	security

db:

NVD

ids:

CVE-2023-6549, CVE-2023-36025, CVE-2017-9841, CVE-2018-15133, CVE-2024-20253, CVE-2024-21887, CVE-2023-20867, CVE-2021-41773, CVE-2023-34048, CVE-2023-46805, CVE-2023-22527, CVE-2023-4966, CVE-2023-6548

Microsoft’s February 2024 Patch Tuesday Addresses 73 CVEs (CVE-2024-21351, CVE-2024-21412) - Blog \| Tenable® Related entries in the VARIoT vulnerabilities database: VAR-202402-1774 Trust: 5.25 Fetched: Feb. 27, 2024, 9:21 a.m., Published: Feb. 13, 2024, 6:51 p.m.	Vulnerabilities: security feature bypass, code execution, feature bypass...

Affected products

External IDs

vendor:	trend micro	model:	security
vendor:	trend	model:	security
vendor:	check point	model:	check point

db:

NVD

ids:

CVE-2021-34473, CVE-2021-34523, CVE-2021-26855, CVE-2024-21338, CVE-2024-21345, CVE-2024-21410, CVE-2024-21371, CVE-2024-21413, CVE-2024-21362, CVE-2021-31207, CVE-2024-21340, CVE-2024-21341, CVE-2024-21351, CVE-2022-41082, CVE-2024-21412, CVE-2024-21378, CVE-2022-41040

CISA Urges Router Makers To Improve Security Trust: 3.75 Fetched: Feb. 27, 2024, 9:20 a.m., Published: Feb. 2, 2024, 2 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

home

db:

NVD

ids:

CVE-2024-21893, CVE-2023-46805, CVE-2024-21888, CVE-2024-21887

Cisco Firepower Device Manager On-Box Software Remote Code Execution Vulnerability Trust: 5.0 Fetched: Feb. 27, 2024, 9:17 a.m., Published: Sept. 2, 2021, 1:36 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	cisco	model:	firepower
vendor:	cisco	model:	device manager

How to Use Nessus To Scan a Network for Vulnerabilities \| Lifehacker Trust: 3.5 Fetched: Feb. 27, 2024, 9:15 a.m., Published: Oct. 27, 2016, 3 p.m.	Vulnerabilities: default password

Affected products

External IDs

vendor:	google	model:	home
vendor:	apple	model:	apple tv
vendor:	trend	model:	security

Tripwire IP360 - Vulnerability Management \| Tripwire Trust: 3.25 Fetched: Feb. 27, 2024, 9:09 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:

tripwire

model:

ip360

IoT Firewall. Definition, Features, Advantages and Disadvantages - zenarmor.com Trust: 4.5 Fetched: Feb. 25, 2024, 10:33 a.m., Published: Jan. 16, 2003, midnight	Vulnerabilities: default password

Affected products

External IDs

vendor:	check point software technologies	model:	check point
vendor:	palo alto networks	model:	networks
vendor:	palo alto networks	model:	firewall
vendor:	google	model:	home
vendor:	check point	model:	check point
vendor:	cisco	model:	meeting
vendor:	cisco	model:	threat response
vendor:	palo	model:	networks
vendor:	palo	model:	firewall

Understanding IoT Security: Challenges, Standards & Best Practices \| Sternum IoT Trust: 4.25 Fetched: Feb. 25, 2024, 10:31 a.m., Published: Feb. 21, 2024, 12:59 p.m.	Vulnerabilities: service disruption, denial of service

Affected products

External IDs

vendor:

trend

model:

security

Forescout reveals 56 flaws in OT devices from 10 companies - Earn Charter - Earn Charter Trust: 3.75 Fetched: Feb. 25, 2024, 10:31 a.m., Published: Feb. 25, 2056, midnight	Vulnerabilities: authentication bypass, denial of service, code execution

Affected products

External IDs

vendor:

motorola

model:

motorola

NAS Security Guide 2024: Easy Steps to Secure Your Device Trust: 3.5 Fetched: Feb. 25, 2024, 10:30 a.m., Published: June 14, 2017, 1:32 p.m.	Vulnerabilities: default password

Affected products

External IDs

vendor:	google	model:	home
vendor:	synology	model:	diskstation
vendor:	synology	model:	diskstation manager

What Is the Difference Between Lutron and Savant? - ByRetreat Trust: 3.5 Fetched: Feb. 25, 2024, 10:29 a.m., Published: Jan. 30, 2024, 5:57 p.m.	Vulnerabilities: default credentials

Affected products	External IDs

nodejs - Security Vulnerabilities in 2024 Related entries in the VARIoT vulnerabilities database: VAR-202310-0175 Trust: 5.25 Fetched: Feb. 25, 2024, 10:22 a.m., Published: Feb. 25, 2024, midnight	Vulnerabilities: directory traversal, resource exhaustion, path traversal...

Affected products

External IDs

vendor:	node.js	model:	node.js
vendor:	nodejs	model:	node.js

db:

NVD

ids:

CVE-2023-30581, CVE-2023-32004, CVE-2023-32559, CVE-2023-39332, CVE-2023-32006, CVE-2023-44487, CVE-2023-30585, CVE-2023-32002, CVE-2023-30584, CVE-2023-45143, CVE-2023-23918, CVE-2023-38552, CVE-2023-23920, CVE-2023-32003, CVE-2023-30590, CVE-2023-30588, CVE-2023-32558, CVE-2023-30586, CVE-2023-30589, CVE-2023-32005, CVE-2023-39331

Press Trust of India: Apple's reply on device vulnerability not totally clear: MoS IT on iPhone alert to MPs Trust: 3.0 Fetched: Feb. 25, 2024, 10:20 a.m., Published: March 9, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

iphone

ClamAV OLE2 File Format Parsing Denial of Service Vulnerability Trust: 4.75 Fetched: Feb. 25, 2024, 10:08 a.m., Published: Feb. 13, 2024, 5:57 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	clamav
vendor:	clamav	model:	clamav

VARIoT news about IoT security