Sign-up

VARIoT news about IoT security

Writeup for CVE-2023-39143: PaperCut WebDAV Vulnerability - Horizon3.ai

Trust: 5.5

Fetched: Feb. 2, 2024, 10:06 a.m., Published: Jan. 12, 2024, 2:15 p.m.
 Vulnerabilities: file download vulnerability, path traversal, code execution
Affected productsExternal IDs
vendor: sharp model: printers
db: NVD ids: CVE-2023-23750, CVE-2022-21724, CVE-2023-39143

CompTIA Security+ SY0-701 Full Course and Labs - SoftArchive

Trust: 3.5

Fetched: Feb. 2, 2024, 10:05 a.m., Published: -
 Vulnerabilities: privilege escalation, request forgery, directory traversal
Affected productsExternal IDs
vendor: wireshark model: wireshark

Cisco Releases Security Advisory for Multiple Unified Communications and Contact Center Solutions Products | CISA

Trust: 3.25

Fetched: Feb. 2, 2024, 10:04 a.m., Published: Feb. 2, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: unified communications

Cisco Adaptive Security Device Manager Information Disclosure Vulnerability

Trust: 5.0

Fetched: Feb. 2, 2024, 10 a.m., Published: June 29, 2022, 9:50 p.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs
vendor: cisco model: device manager
vendor: cisco model: adaptive security device manager
vendor: cisco model: security device manager

Common SNMP Vulnerability: 9-Step Guide to Protect Your Network

Related entries in the VARIoT vulnerabilities database: VAR-200202-0007, VAR-200202-0006

Trust: 4.5

Fetched: Feb. 2, 2024, 9:49 a.m., Published: Dec. 18, 2020, 10:47 a.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: symantec model: web gateway
vendor: symantec model: symantec web gateway
vendor: general electric model: industrial solutions ups snmp/web adapter
db: NVD ids: CVE-2002-0013, CVE-2002-0012

Vulnerability Audit Reports - Lansweeper Community

Trust: 4.5

Fetched: Feb. 2, 2024, 9:47 a.m., Published: Jan. 31, 2024, 3:43 p.m.
 Vulnerabilities: code execution, use after free
Affected productsExternal IDs
vendor: google model: chrome
vendor: apple model: safari
vendor: apple model: macos
vendor: apple model: tvos
vendor: cisco model: ios xe software
vendor: cisco model: ios xe
vendor: cisco model: series switches
vendor: cisco model: series
db: NVD ids: CVE-2024-0519, CVE-2023-6345, CVE-2024-23222

ERROR: The request could not be satisfied

Trust: 3.25

Fetched: Feb. 2, 2024, 9:46 a.m., Published: Nov. 2, 2023, midnight
 Vulnerabilities: configuration error
Affected productsExternal IDs

Google fixes Android bug that hackers can abuse without privileges - Techzine Europe

Trust: 5.75

Fetched: Feb. 2, 2024, 9:45 a.m., Published: Dec. 5, 2023, 10:23 a.m.
 Vulnerabilities: privilege escalation, code execution
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2023-45866, CVE-2023-40077, CVE-2022-40507, CVE-2023-40088, CVE-2023-40076

New Security Flaw in UEFI Affects Millions of PCs

Trust: 4.0

Fetched: Feb. 2, 2024, 9:44 a.m., Published: Dec. 6, 2023, 10:12 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs

Security Vulnerability in KYOCERA Device Manager

Trust: 3.25

Fetched: Feb. 2, 2024, 9:43 a.m., Published: Nov. 1, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-50916

Kyocera Device Manager Vulnerability Exposes Enterprise Credentials | Hack Dojo

Trust: 4.25

Fetched: Feb. 2, 2024, 9:43 a.m., Published: Jan. 10, 2024, midnight
 Vulnerabilities: input validation flaw
Affected productsExternal IDs
db: NVD ids: CVE-2023-50916

How Vulnerability Scanners Can Secure Your Network

Trust: 3.0

Fetched: Feb. 2, 2024, 9:41 a.m., Published: Feb. 3, 2024, midnight
 Vulnerabilities: sql injection, cross-site scripting
Affected productsExternal IDs

Citrix Bleed: CVE-2023-4966 Vulnerability Analysis and Exploitation | by CYFIRMA | Medium

Trust: 3.5

Fetched: Feb. 2, 2024, 9:39 a.m., Published: Nov. 24, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: citrix model: netscaler adc
vendor: citrix model: gateway
vendor: citrix model: netscaler
db: NVD ids: CVE-2023-4966

How to fix CVE-2024-20253 in Cisco products | Vulcan Cyber

Trust: 5.75

Fetched: Feb. 2, 2024, 9:38 a.m., Published: Jan. 28, 2024, 12:38 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cisco model: hosted collaboration mediation fulfillment
vendor: cisco model: prime collaboration deployment
vendor: cisco model: prime license manager
vendor: cisco model: prime collaboration
vendor: cisco model: unity connection
vendor: cisco model: unified contact center express
vendor: cisco model: packaged contact center enterprise
vendor: cisco model: virtualized voice browser
vendor: cisco model: socialminer
vendor: cisco model: unified communications manager
vendor: cisco model: unity
vendor: cisco model: unified communications manager im & presence service
vendor: cisco model: unified intelligence center
vendor: cisco model: cisco unified communications manager
vendor: cisco model: finesse
vendor: cisco model: unified communications
vendor: cisco model: emergency responder
vendor: cisco model: unified contact center enterprise
vendor: cisco model: unified communications manager session management edition
vendor: cisco model: customer voice portal
db: NVD ids: CVE-2024-20253

Update now! Chrome fixes actively exploited zero-day vulnerability | Malwarebytes

Trust: 5.0

Fetched: Feb. 2, 2024, 9:37 a.m., Published: Nov. 29, 2023, 11 p.m.
 Vulnerabilities: integer overflow
Affected productsExternal IDs
vendor: google model: google chrome
vendor: google model: android
vendor: google model: chrome
db: NVD ids: CVE-2023-6345

Critical Android Vulnerabilities Alert: CERT-IN's Warning For Indian Users

Trust: 3.5

Fetched: Feb. 2, 2024, 9:32 a.m., Published: Nov. 15, 2023, 8:31 a.m.
 Vulnerabilities: privilege escalation, code execution
Affected productsExternal IDs
vendor: samsung model: mobile
vendor: google model: android

12 Best Penetration Testing Tools in 2024 (Feature Comparison)

Trust: 5.75

Fetched: Feb. 2, 2024, 9:27 a.m., Published: Dec. 15, 2023, 8:31 p.m.
 Vulnerabilities: sql injection
Affected productsExternal IDs
vendor: wireshark model: wireshark

Introduction to Cybersecurity: My Knowledge Check Answers

Trust: 3.25

Fetched: Feb. 2, 2024, 9:26 a.m., Published: Nov. 13, 2023, 9:02 a.m.
 Vulnerabilities: buffer overflow, privilege escalation, brute force attack...
Affected productsExternal IDs
vendor: palo alto networks model: firewall
vendor: palo alto networks model: networks
vendor: cisco model: series
vendor: cisco model: meeting
vendor: palo model: firewall
vendor: palo model: networks

Public Release of Exploit for Android Privilege Elevation Flaw Affecting Multiple OEMs (CVE-2023-45779) - OP INNOVATE

Trust: 5.75

Fetched: Feb. 2, 2024, 9:25 a.m., Published: Feb. 1, 2024, 11:16 a.m.
 Vulnerabilities: privilege elevation
Affected productsExternal IDs
vendor: asus model: asus
vendor: nokia model: impact
vendor: google model: android
vendor: lenovo model: system
vendor: lenovo model: updates
vendor: motorola model: android
vendor: motorola model: motorola
db: NVD ids: CVE-2023-45779

Networking Essentials 2.0 Practice Final Exam Answers

Trust: 4.5

Fetched: Feb. 2, 2024, 9:17 a.m., Published: Nov. 23, 2023, 7:59 a.m.
 Vulnerabilities: brute force attack
Affected productsExternal IDs
vendor: trend model: security
vendor: cisco model: router
vendor: cisco model: access points
vendor: cisco model: routers
vendor: cisco model: wireless access point