Sign-up

VARIoT news about IoT security

Cisco Fixes Widely Exploited IOS XE Vulnerability: What You Need to Know

Trust: 4.75

Fetched: Oct. 27, 2023, 9:13 a.m., Published: Oct. 3, 2023, midnight
 Vulnerabilities: privilege escalation, authentication bypass
Affected productsExternal IDs
vendor: cisco model: ios xe software
vendor: cisco model: cisco ios
vendor: cisco model: ios xe
vendor: cisco model: cisco ios xe
vendor: cisco model: routers
db: NVD ids: CVE-2023-20198

Cyber attack: 'Operation Triangulation' can access memory, take control of iOS device, says Kaspersk- The New Indian Express

Trust: 3.0

Fetched: Oct. 27, 2023, 9:12 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: safari

Phosphorus Releases Mitigation Solutions for Critical Cisco IOS XE Zero-Day Vulnerability | Markets Insider

Trust: 4.25

Fetched: Oct. 27, 2023, 9:11 a.m., Published: March 27, 2023, midnight
 Vulnerabilities: default credentials, privilege escalation
Affected productsExternal IDs
vendor: cisco model: ios xe software
vendor: cisco model: cisco ios
vendor: cisco model: ios xe
vendor: cisco model: cisco ios xe
vendor: cisco model: access points
vendor: cisco model: routers
db: NVD ids: CVE-2023-20198

Cyber attack: 'Operation Triangulation' can access memory, take control of iOS device, says Kaspersky | Technology

Trust: 3.0

Fetched: Oct. 27, 2023, 9:11 a.m., Published: Oct. 27, 2023, 5:40 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: safari

Beyond the Click: Understanding Zero-Click Exploits and Their Impact

Related entries in the VARIoT vulnerabilities database: VAR-201409-1156

Trust: 4.25

Fetched: Oct. 27, 2023, 9:10 a.m., Published: Oct. 16, 2023, 11:03 a.m.
 Vulnerabilities: privilege escalation, code execution, buffer overflow
Affected productsExternal IDs
vendor: apple model: iphone
vendor: essential model: phone
db: NVD ids: CVE-2022-36934, CVE-2014-6271

TheSocialTalks - Navigating the Cyber security Threat Landscape: What You Need to Know

Trust: 3.0

Fetched: Oct. 25, 2023, 9:21 a.m., Published: May 25, 2023, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs

Compromising Android Applications with Intent Manipulation

Trust: 3.75

Fetched: Oct. 25, 2023, 9:21 a.m., Published: Oct. 24, 2023, midnight
 Vulnerabilities: code execution, authentication bypass
Affected productsExternal IDs

Weekly Vulnerability Recap - October 23, 2023 - Cisco, SolarWinds Flaws Make News

Trust: 5.25

Fetched: Oct. 25, 2023, 9:20 a.m., Published: Oct. 23, 2023, 7:57 p.m.
 Vulnerabilities: code execution, access control vulnerability
Affected productsExternal IDs
vendor: cisco model: technical support
vendor: cisco model: ios xe software
vendor: cisco model: ios xe
vendor: trend model: security
vendor: trend micro model: security
db: NVD ids: CVE-2023-20273, CVE-2023-20198, CVE-2023-22515, CVE-2023-42793

Top 20+ Ethical Hacking Tools in 2023 [Paid+Free] | Intellipaat

Trust: 3.5

Fetched: Oct. 25, 2023, 9:20 a.m., Published: Nov. 20, 2020, 6:17 a.m.
 Vulnerabilities: sql injection, cross-site scripting, denial of service...
Affected productsExternal IDs

TALOS-2023-1788 || Cisco Talos Intelligence Group - Comprehensive Threat Intelligence

Related entries in the VARIoT vulnerabilities database: VAR-202310-0300

Trust: 5.25

Fetched: Oct. 25, 2023, 9:19 a.m., Published: Oct. 11, 2023, midnight
 Vulnerabilities: buffer overflow, integer overflow
Affected productsExternal IDs
vendor: cisco model: series
vendor: cisco model: router
db: NVD ids: CVE-2023-35967, CVE-2023-35968

Attacks on 5G Infrastructure From User Devices: ASN.1 Vulnerabilities in 5G Cores

Trust: 3.5

Fetched: Oct. 25, 2023, 9:18 a.m., Published: Oct. 20, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
vendor: trend micro model: security
db: NVD ids: CVE-2022-43677

Design/Logic Flaw in Cisco - Ios Xe - vulnerability database | Vulners.com

Trust: 4.5

Fetched: Oct. 25, 2023, 9:17 a.m., Published: Oct. 4, 2023, 5:15 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: cisco model: cisco iox
vendor: cisco model: cisco iox application
vendor: cisco model: cisco ios xe
vendor: cisco model: ios xe software
vendor: cisco model: ios xe
vendor: cisco model: cisco ios
vendor: cisco model: iox application
vendor: cisco model: ios-xe software
db: NVD ids: CVE-2023-20235

Known issues in Teams Rooms and devices - Microsoft Teams | Microsoft Learn

Trust: 3.0

Fetched: Oct. 25, 2023, 9:17 a.m., Published: Sept. 20, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs

Over 50K Cisco IOS XE Devices Hacked Exploiting Zero-day Flaw

Trust: 4.75

Fetched: Oct. 25, 2023, 9:16 a.m., Published: Oct. 23, 2023, 9:30 a.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: cisco model: cisco ios xe
vendor: cisco model: ios xe software
vendor: cisco model: ios xe
vendor: cisco model: cisco ios
db: NVD ids: CVE-2023-20273, CVE-2023-20198

Protecting Systems from the New HTTP/2 Rapid Reset Vulnerability - Security Boulevard

Related entries in the VARIoT vulnerabilities database: VAR-202310-0175

Trust: 3.75

Fetched: Oct. 25, 2023, 9:16 a.m., Published: Oct. 24, 2023, midnight
 Vulnerabilities: resource exhaustion
Affected productsExternal IDs
db: NVD ids: CVE-2023-44487

Design/Logic Flaw in Cisco - Mobility Express Software - vulnerability database | Vulners.com

Trust: 5.75

Fetched: Oct. 25, 2023, 9:15 a.m., Published: Sept. 27, 2023, 6:15 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: mobility express software
vendor: cisco model: cisco wireless lan controller
vendor: cisco model: mobility express
vendor: cisco model: mobility_express_software
vendor: cisco model: wireless lan controller
vendor: cisco model: aireos
db: NVD ids: CVE-2023-20251

How to Prevent Malware: 15 Best Practices for Malware Prevention

Trust: 3.5

Fetched: Oct. 25, 2023, 9:14 a.m., Published: Oct. 24, 2023, 10:32 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
vendor: google model: home

Cisco IOS XE Zero-Day Attacks: What Businesses Need to Know - Cyber and Fraud Centre - Scotland

Trust: 3.0

Fetched: Oct. 25, 2023, 9:14 a.m., Published: Oct. 24, 2023, 1:50 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: cisco ios
vendor: cisco model: cisco ios xe
vendor: cisco model: ios xe

Design/Logic Flaw in Cisco - Business 150Ax Firmware - vulnerability database | Vulners.com

Trust: 4.75

Fetched: Oct. 25, 2023, 9:13 a.m., Published: Sept. 27, 2023, 6:15 p.m.
 Vulnerabilities: resource consumption vulnerability
Affected productsExternal IDs
vendor: cisco model: catalyst
vendor: cisco model: cisco ios xe
vendor: cisco model: access points
vendor: cisco model: wireless_lan_controller_software
vendor: cisco model: ios xe software
vendor: cisco model: ios xe
vendor: cisco model: series
vendor: cisco model: cisco ios
db: NVD ids: CVE-2023-20268

Backdoor Implanted on Hacked Cisco Devices Modified to Evade Detection

Trust: 3.75

Fetched: Oct. 25, 2023, 9:12 a.m., Published: Oct. 24, 2023, 6:33 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: ios xe
vendor: cisco model: ios xe software
db: NVD ids: CVE-2023-20273, CVE-2023-20198