Sign-up

VARIoT news about IoT security

Apple patches 1st in-the-wild exploited bug of 2024 in macOS Sonoma 14.3, iOS 17.3 and more - The Mac Security Blog

Trust: 3.25

Fetched: Jan. 26, 2024, 9:17 a.m., Published: Jan. 25, 2024, 7:44 a.m.
 Vulnerabilities: memory corruption, code execution, authentication issue
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: ipad
vendor: apple model: macbook
vendor: apple model: macbook pro
vendor: apple model: webkit
vendor: apple model: icloud
vendor: apple model: iphone
vendor: apple model: imac
vendor: apple model: safari
vendor: apple model: apple tv
vendor: apple model: tvos
vendor: apple model: watchos
vendor: apple model: ipod touch
vendor: apple model: watch
vendor: apple model: ipad air

Why You Need a Data-Driven Approach to Vulnerability Management | MSSP Alert

Trust: 3.5

Fetched: Jan. 26, 2024, 9:16 a.m., Published: Jan. 24, 2024, 7 p.m.
 Vulnerabilities: information exposure
Affected productsExternal IDs
vendor: trend model: antivirus
vendor: trend model: security

Update now! Apple releases patch for zero-day vulnerability | Malwarebytes

Trust: 5.0

Fetched: Jan. 26, 2024, 9:16 a.m., Published: Jan. 24, 2024, 10:37 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: ipad
vendor: apple model: webkit
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: apple tv
vendor: apple model: tvos
vendor: apple model: ipod touch
vendor: apple model: watch
vendor: apple model: ipad air
db: NVD ids: CVE-2024-23222

Android 'API breaking' vulnerability leaks device data, allows user tracking | ZDNET

Trust: 5.5

Fetched: Jan. 26, 2024, 9:14 a.m., Published: Jan. 3, 2024, midnight
 Vulnerabilities: information disclosure
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: wifi
vendor: google model: android
db: NVD ids: CVE-2018-9489

Apple iOS < 17.3 Multiple Vulnerabilities (HT214059) | Tenable®

Trust: 3.0

Fetched: Jan. 24, 2024, 10:15 a.m., Published: Jan. 17, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-23211, CVE-2024-23215, CVE-2024-23219, CVE-2024-23214, CVE-2024-23222, CVE-2024-23206, CVE-2024-23204, CVE-2024-23207, CVE-2024-23210, CVE-2024-23223, CVE-2024-23208, CVE-2024-23213, CVE-2024-23218, CVE-2024-23217, CVE-2024-23212, CVE-2024-23203

Apple Addresses First Zero-Day Exploit of the Year Impacting Multiple Devices - VULNERA

Trust: 5.0

Fetched: Jan. 24, 2024, 10:09 a.m., Published: Jan. 22, 2024, 7:20 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: ipad
vendor: apple model: macos
vendor: apple model: iphone
vendor: apple model: tvos
db: NVD ids: CVE-2023-42917, CVE-2024-23222, CVE-2023-42916

Apple fixes actively exploited WebKit zero-day (CVE-2024-23222) - Help Net Security

Trust: 5.0

Fetched: Jan. 24, 2024, 10:09 a.m., Published: Jan. 23, 2024, 11:35 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: ipad
vendor: apple model: safari
vendor: apple model: watch
vendor: apple model: tvos
vendor: apple model: apple tv
vendor: apple model: iphone
vendor: apple model: watchos
vendor: apple model: ipad air
vendor: apple model: macos
db: NVD ids: CVE-2023-42917, CVE-2024-23222, CVE-2023-42916

System BIOS komputera Dell XPS 13 9310 | Szczegóły sterownika | Dell Polska

Trust: 3.25

Fetched: Jan. 24, 2024, 10:09 a.m., Published: Jan. 16, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

System BIOS komputerów Dell Inspiron 5400/5401/7700 AIO | Szczegóły sterownika | Dell Polska

Trust: 3.25

Fetched: Jan. 24, 2024, 10:03 a.m., Published: Jan. 17, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

Alienware Aurora R15 AMD System BIOS | Szczegóły sterownika | Dell Polska

Trust: 3.25

Fetched: Jan. 24, 2024, 10:03 a.m., Published: Jan. 24, 2024, 3 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

Alienware Aurora R15 AMD System BIOS | Szczegóły sterownika | Dell Polska

Trust: 3.25

Fetched: Jan. 24, 2024, 10:03 a.m., Published: Jan. 24, 2024, 3 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

New Security Updates Fix First Apple Zero-Day Vulnerability of the Year - Lansweeper

Trust: 4.75

Fetched: Jan. 24, 2024, 10:03 a.m., Published: Feb. 15, 2023, 7:39 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: ipad
vendor: apple model: safari
vendor: apple model: watch
vendor: apple model: tvos
vendor: apple model: apple tv
vendor: apple model: ipod touch
vendor: apple model: iphone
vendor: apple model: watchos
vendor: apple model: ipad air
vendor: apple model: macos
db: NVD ids: CVE-2024-23222

24-005 (January 23, 2024) - Threat Encyclopedia

Trust: 4.5

Fetched: Jan. 24, 2024, 9:57 a.m., Published: Jan. 23, 2024, midnight
 Vulnerabilities: code injection, command injection, cross-site scripting...
Affected productsExternal IDs
vendor: trend micro model: security
vendor: trend model: security
db: NVD ids: CVE-2023-52328, CVE-2023-22274, CVE-2023-36812, CVE-2023-46731, CVE-2023-25826, CVE-2023-43661, CVE-2023-52330, CVE-2023-6553, CVE-2023-52327, CVE-2023-22527, CVE-2023-22275, CVE-2023-38886

Cisco SD-WAN Solution Improper Access Control Vulnerability

Trust: 4.75

Fetched: Jan. 24, 2024, 9:52 a.m., Published: Jan. 23, 2024, 9:31 p.m.
 Vulnerabilities: improper access control, access control vulnerability
Affected productsExternal IDs
vendor: cisco model: cisco sd-wan
vendor: cisco model: sd-wan solution
vendor: cisco model: sd-wan

Critical Ivanti VPN flaws are being widely exploited - here’s how to protect yourself | ITPro

Trust: 3.5

Fetched: Jan. 24, 2024, 9:51 a.m., Published: Jan. 23, 2024, 9 p.m.
 Vulnerabilities: authentication bypass, command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-21887, CVE-2023-46805

Apple users urged to install update on devices to fix vulnerability | The Straits Times

Trust: 3.0

Fetched: Jan. 24, 2024, 9:36 a.m., Published: Jan. 23, 2024, 12:05 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: ipad
vendor: apple model: safari
vendor: apple model: apple tv
vendor: apple model: iphone
vendor: apple model: ipad air
vendor: apple model: macos

How To Tell If Your Wi-Fi Is Hacked (And What To Do)

Related entries in the VARIoT vulnerabilities database: VAR-201812-0337

Trust: 5.0

Fetched: Jan. 24, 2024, 9:35 a.m., Published: Jan. 4, 2024, midnight
 Vulnerabilities: default password, default credentials, code execution
Affected productsExternal IDs
vendor: tp-link model: routers
vendor: asus model: router
vendor: asus model: asus
vendor: asus model: routers
db: NVD ids: CVE-2018-1160

IoT Vulnerabilities and the IoT Security Crisis | IoT Now News & Reports

Trust: 4.75

Fetched: Jan. 24, 2024, 9:32 a.m., Published: Oct. 1, 2021, 9:43 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: rapid model: scada

2020 Unit 42 IoT Threat Report 2020 Unit 42 IoT Threat Report

Trust: 3.5

Fetched: Jan. 24, 2024, 9:32 a.m., Published: March 10, 2020, 10 a.m.
 Vulnerabilities: default credentials
Affected productsExternal IDs
vendor: palo model: networks
vendor: trend model: security
vendor: palo alto networks model: networks

More connected, less secure: Addressing IoT and OT threats to the enterprise | CIO

Trust: 3.75

Fetched: Jan. 24, 2024, 9:25 a.m., Published: Nov. 14, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security