Sign-up

VARIoT news about IoT security

What Are The Security And Privacy Considerations When Using Interconnected Smart Devices? - Cutting Energy Costs

Trust: 4.25

Fetched: Sept. 26, 2023, 9:35 a.m., Published: Sept. 21, 2023, 9:44 p.m.
 Vulnerabilities: default credentials
Affected productsExternal IDs
vendor: google model: home
vendor: google model: google home

Xen Security Advisories

Related entries in the VARIoT vulnerabilities database: VAR-201604-0129, VAR-202006-0241, VAR-201905-0709, VAR-201804-0700, VAR-202103-1030, VAR-201801-0826, VAR-201808-0957, VAR-201310-0433, VAR-201804-0701, VAR-201511-0101, VAR-202009-0841, VAR-202004-0465, VAR-202206-1157, VAR-201801-1711, VAR-201506-0038, VAR-201401-0178, VAR-201806-1505, VAR-201805-0950, VAR-201311-0359, VAR-201505-0417, VAR-201905-1248, VAR-201801-1434, VAR-201905-0711, VAR-202003-0008, VAR-201905-0710, VAR-202106-1422, VAR-202004-0464, VAR-201511-0294, VAR-202103-1029, VAR-201808-0958, VAR-202206-1186, VAR-201801-1712, VAR-202004-0462, VAR-201805-0963, VAR-202206-1106, VAR-201911-1619, VAR-202004-0243

Trust: 3.5

Fetched: Sept. 26, 2023, 9:32 a.m., Published: Sept. 26, 2064, midnight
 Vulnerabilities: memory corruption, memory allocation issue, denial of service...
Affected productsExternal IDs
db: NVD ids: CVE-2020-25602, CVE-2016-2271, CVE-2019-19583, CVE-2022-33746, CVE-2013-1919, CVE-2020-25603, CVE-2013-4355, CVE-2021-28700, CVE-2015-7970, CVE-2023-34322, CVE-2016-3961, CVE-2020-27674, CVE-2019-19578, CVE-2016-10024, CVE-2018-19965, CVE-2022-42323, CVE-2022-42330, CVE-2013-4356, CVE-2015-7972, CVE-2013-1918, CVE-2020-11741, CVE-2020-0543, CVE-2021-28703, CVE-2018-15471, CVE-2014-1892, CVE-2013-4344, CVE-2022-42322, CVE-2015-7812, CVE-2017-10918, CVE-2022-42313, CVE-2014-1891, CVE-2016-9386, CVE-2020-25595, CVE-2022-26359, CVE-2012-5513, CVE-2022-42329, CVE-2013-0215, CVE-2015-2044, CVE-2018-19964, CVE-2021-28693, CVE-2018-12126, CVE-2017-17566, CVE-2020-29480, CVE-2013-0153, CVE-2019-18423, CVE-2014-1894, CVE-2014-9030, CVE-2022-26365, CVE-2018-10471, CVE-2022-26360, CVE-2016-9637, CVE-2015-4164, CVE-2022-42319, CVE-2012-6333, CVE-2021-28039, CVE-2017-8904, CVE-2017-5715, CVE-2013-3495, CVE-2017-2615, CVE-2017-15597, CVE-2013-1920, CVE-2015-5166, CVE-2018-3646, CVE-2017-10919, CVE-2018-19966, CVE-2018-19963, CVE-2013-4370, CVE-2023-34320, CVE-2022-33741, CVE-2022-42316, CVE-2022-33747, CVE-2015-6654, CVE-2018-10472, CVE-2016-5242, CVE-2020-14364, CVE-2014-8595, CVE-2017-15591, CVE-2014-8867, CVE-2014-5146, CVE-2014-2599, CVE-2012-5510, CVE-2012-5525, CVE-2015-8339, CVE-2021-28699, CVE-2019-17341, CVE-2013-0231, CVE-2018-15470, CVE-2017-17046, CVE-2013-0217, CVE-2015-8552, CVE-2016-4480, CVE-2015-8104, CVE-2020-25599, CVE-2022-42326, CVE-2014-2580, CVE-2013-4554, CVE-2018-7541, CVE-2020-29485, CVE-2015-8615, CVE-2022-42325, CVE-2015-7971, CVE-2021-28709, CVE-2014-3716, CVE-2021-28690, CVE-2015-5165, CVE-2018-12892, CVE-2014-6268, CVE-2020-11743, CVE-2014-7155, CVE-2021-28696, CVE-2013-1964, CVE-2016-9817, CVE-2015-4106, CVE-2015-2150, CVE-2013-0190, CVE-2021-28695, CVE-2013-1442, CVE-2021-28705, CVE-2013-4369, CVE-2020-25598, CVE-2020-27673, CVE-2022-42321, CVE-2022-33745, CVE-2020-25597, CVE-2022-21166, CVE-2017-10912, CVE-2017-5754, CVE-2017-15596, CVE-2016-7092, CVE-2015-0268, CVE-2023-20569, CVE-2012-5515, CVE-2017-17564, CVE-2018-15469, CVE-2015-8551, CVE-2013-1917, CVE-2020-15563, CVE-2022-42310, CVE-2013-4551, CVE-2022-3643, CVE-2015-7814, CVE-2013-2196, CVE-2014-3967, CVE-2015-4104, CVE-2021-28691, CVE-2020-29567, CVE-2015-2756, CVE-2021-28712, CVE-2016-3158, CVE-2017-12855, CVE-2016-6258, CVE-2021-26932, CVE-2018-18883, CVE-2020-29040, CVE-2020-28368, CVE-2019-17347, CVE-2014-1893, CVE-2021-26931, CVE-2020-27672, CVE-2022-42315, CVE-2020-29484, CVE-2013-2211, CVE-2019-17344, CVE-2020-25604, CVE-2016-7777, CVE-2016-10013, CVE-2014-3124, CVE-2013-2194, CVE-2022-42324, CVE-2015-3209, CVE-2012-5634, CVE-2022-23037, CVE-2016-7154, CVE-2013-4361, CVE-2021-28701, CVE-2022-23038, CVE-2021-28689, CVE-2020-29483, CVE-2014-5149, CVE-2015-2751, CVE-2017-8903, CVE-2017-10914, CVE-2023-34321, CVE-2014-2915, CVE-2022-33743, CVE-2013-2078, CVE-2014-4022, CVE-2022-26356, CVE-2017-12134, CVE-2022-26358, CVE-2021-28687, CVE-2012-5511, CVE-2022-42332, CVE-2013-4375, CVE-2017-7228, CVE-2022-42320, CVE-2015-5154, CVE-2021-27379, CVE-2022-23816, CVE-2015-8340, CVE-2023-20588, CVE-2014-2986, CVE-2013-1952, CVE-2018-12893, CVE-2020-29481, CVE-2015-4105, CVE-2019-17351, CVE-2019-17349, CVE-2022-27672, CVE-2021-28706, CVE-2013-1922, CVE-2018-3665, CVE-2017-12135, CVE-2018-8897, CVE-2022-33740, CVE-2017-17563, CVE-2022-33748, CVE-2013-2076, CVE-2017-14317, CVE-2013-6885, CVE-2020-15565, CVE-2016-7093, CVE-2015-3456, CVE-2021-28710, CVE-2019-11091, CVE-2021-28708, CVE-2018-5244, CVE-2021-28692, CVE-2016-9380, CVE-2015-8550, CVE-2015-8341, CVE-2014-8594, CVE-2021-28698, CVE-2019-19577, CVE-2013-0154, CVE-2017-2620, CVE-2016-10025, CVE-2016-9818, CVE-2014-3715, CVE-2019-17346, CVE-2017-14318, CVE-2017-10923, CVE-2019-18422, CVE-2018-12130, CVE-2017-10916, CVE-2013-4494, CVE-2015-2152, CVE-2014-5147, CVE-2019-19579, CVE-2021-28707, CVE-2015-7504, CVE-2017-10915, CVE-2018-10982, CVE-2014-9066, CVE-2019-19581, CVE-2013-2072, CVE-2020-29487, CVE-2013-0228, CVE-2019-19582, CVE-2020-0551, CVE-2018-7542, CVE-2021-26930, CVE-2020-29569, CVE-2020-29482, CVE-2018-15468, CVE-2016-6259, CVE-2016-9381, CVE-2022-42327, CVE-2015-7311, CVE-2019-18421, CVE-2018-19967, CVE-2013-0152, CVE-2021-28713, CVE-2021-28715, CVE-2017-14319, CVE-2014-1666, CVE-2022-29900, CVE-2015-8555, CVE-2018-12127, CVE-2015-0361, CVE-2021-28697, CVE-2018-14678, CVE-2022-23041, CVE-2016-9384, CVE-2022-42314, CVE-2018-19962, CVE-2020-29570, CVE-2019-11135, CVE-2014-7156, CVE-2022-23825, CVE-2017-17045, CVE-2015-2752, CVE-2016-3712, CVE-2017-10921, CVE-2016-3710, CVE-2022-40982, CVE-2020-27671, CVE-2020-27675, CVE-2016-7094, CVE-2013-2212, CVE-2020-25601, CVE-2015-2045, CVE-2022-42318, CVE-2016-9385, CVE-2022-23033, CVE-2017-14316, CVE-2022-23036, CVE-2021-28702, CVE-2022-42331, CVE-2016-5403, CVE-2013-4371, CVE-2022-23039, CVE-2014-1950, CVE-2017-8905, CVE-2021-28694, CVE-2017-15590, CVE-2014-3968, CVE-2020-29479, CVE-2021-28714, CVE-2017-12137, CVE-2013-4368, CVE-2016-9382, CVE-2022-23824, CVE-2014-1895, CVE-2022-42336, CVE-2020-25596, CVE-2017-10911, CVE-2014-3969, CVE-2022-26363, CVE-2013-2077, CVE-2013-0151, CVE-2014-5148, CVE-2022-33749, CVE-2022-42334, CVE-2017-10913, CVE-2021-26313, CVE-2015-8554, CVE-2022-42328, CVE-2017-17044, CVE-2019-18420, CVE-2023-34319, CVE-2016-9378, CVE-2014-1642, CVE-2021-28704, CVE-2021-3308, CVE-2018-10981, CVE-2019-17348, CVE-2016-4963, CVE-2019-18425, CVE-2014-3672, CVE-2012-5514, CVE-2017-10917, CVE-2020-29568, CVE-2020-15566, CVE-2013-2007, CVE-2017-15589, CVE-2022-26361, CVE-2017-12136, CVE-2019-17350, CVE-2019-17345, CVE-2014-8866, CVE-2017-15594, CVE-2014-4021, CVE-2013-4553, CVE-2022-26357, CVE-2017-15588, CVE-2016-9932, CVE-2016-2270, CVE-2014-3717, CVE-2014-7188, CVE-2016-9377, CVE-2015-8338, CVE-2021-0089, CVE-2019-17340, CVE-2020-11742, CVE-2016-3159, CVE-2022-42311, CVE-2016-9816, CVE-2015-5307, CVE-2013-4416, CVE-2022-42335, CVE-2020-15564, CVE-2022-42317, CVE-2022-26364, CVE-2021-28038, CVE-2022-23040, CVE-2018-3620, CVE-2014-7154, CVE-2018-12891, CVE-2016-9379, CVE-2020-29566, CVE-2022-33742, CVE-2017-15595, CVE-2018-19961, CVE-2015-3259, CVE-2017-10920, CVE-2014-3714, CVE-2015-4163, CVE-2016-9815, CVE-2022-21125, CVE-2020-27670, CVE-2016-1570, CVE-2022-42312, CVE-2013-4329, CVE-2019-18424, CVE-2016-3157, CVE-2015-4103, CVE-2022-26362, CVE-2015-7969, CVE-2020-15852, CVE-2014-1896, CVE-2020-25600, CVE-2015-2151, CVE-2015-1563, CVE-2013-1432, CVE-2020-15567, CVE-2016-3960, CVE-2017-5753, CVE-2017-15592, CVE-2023-20593, CVE-2022-33744, CVE-2012-5512, CVE-2020-11740, CVE-2017-10922, CVE-2013-2195, CVE-2020-29486, CVE-2014-3125, CVE-2016-1571, CVE-2012-6075, CVE-2018-3639, CVE-2022-42309, CVE-2022-23034, CVE-2022-23035, CVE-2013-6375, CVE-2019-17343, CVE-2015-7813, CVE-2016-4962, CVE-2015-3340, CVE-2021-26933, CVE-2022-42333, CVE-2013-6400, CVE-2021-28711, CVE-2016-9383, CVE-2020-29571, CVE-2017-15593, CVE-2019-19580, CVE-2017-17565, CVE-2014-9065, CVE-2022-21123, CVE-2018-7540, CVE-2015-7835, CVE-2018-14007, CVE-2018-12207, CVE-2019-17342, CVE-2022-23042, CVE-2013-0216, CVE-2020-11739, CVE-2021-28688, CVE-2021-26934, CVE-2016-9603

Juniper Firewalls Susceptible to Unauthenticated Code Execution

Trust: 5.75

Fetched: Sept. 26, 2023, 9:30 a.m., Published: Sept. 20, 2023, 9:56 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: home
db: NVD ids: CVE-2023-36845

Microsoft Security Blog | Digital Security Tips and Solutions

Trust: 3.75

Fetched: Sept. 26, 2023, 9:30 a.m., Published: -
 Vulnerabilities: memory corruption, code execution, denial of service
Affected productsExternal IDs
vendor: codesys model: codesys

Govt Issues 'High Severity' Warning To Apple Users: Is Your Device Safe?

Trust: 5.0

Fetched: Sept. 26, 2023, 9:30 a.m., Published: Sept. 25, 2023, 1:17 p.m.
 Vulnerabilities: certificate validation issue
Affected productsExternal IDs
vendor: apple model: safari
vendor: apple model: watch
vendor: apple model: iphone
vendor: apple model: watchos
vendor: apple model: webkit
vendor: apple model: macos
vendor: apple model: macbook
vendor: apple model: apple tv

Kaspersky unveils an overview of IoT-related threats in 2023 | Kaspersky

Trust: 3.5

Fetched: Sept. 26, 2023, 9:29 a.m., Published: Sept. 21, 2023, 10:14 a.m.
 Vulnerabilities: default password, denial of service
Affected productsExternal IDs

Predator Spyware Delivered to iOS, Android Devices via Zero-Days, MitM Attacks - SecurityWeek

Trust: 4.5

Fetched: Sept. 26, 2023, 9:28 a.m., Published: Sept. 25, 2023, 9:33 a.m.
 Vulnerabilities: code execution, privilege escalation
Affected productsExternal IDs
vendor: google model: android
vendor: google model: chrome
vendor: apple model: iphone
vendor: apple model: macos
db: NVD ids: CVE-2023-41993, CVE-2023-41991, CVE-2023-4762, CVE-2023-41992

Smart Home Devices: Concerns, Vulnerabilities, and How to Address Them - Red Five Security

Trust: 3.0

Fetched: Sept. 26, 2023, 9:27 a.m., Published: Sept. 26, 2023, 3:53 a.m.
 Vulnerabilities: -
Affected productsExternal IDs

Apple fixes 3 zero-day vulnerabilities exploited to compromise iPhones - Help Net Security

Trust: 4.5

Fetched: Sept. 26, 2023, 9:26 a.m., Published: Sept. 22, 2023, 10:05 a.m.
 Vulnerabilities: buffer overflow, code execution
Affected productsExternal IDs
vendor: apple model: safari
vendor: apple model: watch
vendor: apple model: ipad
vendor: apple model: iphone
vendor: apple model: watchos
vendor: apple model: webkit
vendor: apple model: macos
vendor: google model: android
vendor: google model: chrome
db: NVD ids: CVE-2023-4762, CVE-2023-4863, CVE-2023-41064, CVE-2023-41993, CVE-2023-41061, CVE-2023-41992, CVE-2023-41991

CVE-2023-2262 | TenableĀ®

Related entries in the VARIoT vulnerabilities database: VAR-202309-2098

Trust: 5.0

Fetched: Sept. 26, 2023, 9:25 a.m., Published: -
 Vulnerabilities: buffer overflow, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2023-2262

Overview of IoT threats in 2023 - GIXtools

Trust: 5.25

Fetched: Sept. 26, 2023, 9:22 a.m., Published: Sept. 21, 2023, 10 a.m.
 Vulnerabilities: configuration issue
Affected productsExternal IDs
vendor: trend micro model: security
vendor: bosch model: smart camera
vendor: trend model: security
db: NVD ids: CVE-2022-27593

CVE-2023-20269: Zero-Day Vulnerability in Cisco Adaptive Security Appliance and Firepower Threat Defense Reportedly Exploited by Ransomware Groups - Blog | TenableĀ®

Trust: 4.75

Fetched: Sept. 26, 2023, 9:17 a.m., Published: Sept. 12, 2023, 12:17 a.m.
 Vulnerabilities: brute force attack
Affected productsExternal IDs
vendor: cisco model: firepower
vendor: cisco model: firepower threat defense
vendor: cisco model: clientless ssl vpn
vendor: cisco model: ios xr software
vendor: cisco model: firepower management center
vendor: cisco model: nx-os software
vendor: cisco model: ios xr
vendor: cisco model: ios xe
vendor: cisco model: nx-os
vendor: cisco model: asa software
vendor: cisco model: adaptive security appliance
vendor: cisco model: ios software
vendor: cisco model: ios xe software
vendor: cisco model: fxos
vendor: cisco model: cisco adaptive security appliance
db: NVD ids: CVE-2023-20269

Overview of IoT threats in 2023 - Malware News - Malware Analysis, News and Indicators

Trust: 5.25

Fetched: Sept. 26, 2023, 9:15 a.m., Published: Sept. 21, 2023, 10:05 a.m.
 Vulnerabilities: configuration issue
Affected productsExternal IDs
vendor: trend micro model: security
vendor: bosch model: smart camera
vendor: trend model: security
db: NVD ids: CVE-2022-27593

"2023's Thrilling Revelation: Over 700 Dark Web Ads Now Provide DDoS Attacks Via IoT!"

Trust: 3.0

Fetched: Sept. 26, 2023, 9:14 a.m., Published: -
 Vulnerabilities: denial of service
Affected productsExternal IDs

Weekly Vulnerability Recap - 9-25-2023 - Apple & DevOps Flaws

Related entries in the VARIoT vulnerabilities database: VAR-202305-1789

Trust: 5.25

Fetched: Sept. 26, 2023, 9:14 a.m., Published: Sept. 25, 2023, 6:53 p.m.
 Vulnerabilities: improper access control, code execution, bypass certificate...
Affected productsExternal IDs
vendor: apple model: watchos
vendor: apple model: macos
vendor: trend micro model: antivirus
vendor: trend micro model: security
vendor: trend model: antivirus
vendor: trend model: security
db: NVD ids: CVE-2023-22513, CVE-2023-41179, CVE-2022-25647, CVE-2023-41993, CVE-2023-41992, CVE-2023-22512, CVE-2023-41991, CVE-2023-5009, CVE-2023-28709

IoT threats in 2023 | Securelist

Trust: 5.25

Fetched: Sept. 26, 2023, 9:13 a.m., Published: Sept. 26, 2023, midnight
 Vulnerabilities: configuration issue
Affected productsExternal IDs
vendor: trend micro model: security
vendor: bosch model: smart camera
vendor: trend model: security
db: NVD ids: CVE-2022-27593

Two Key Security Precautions To Protect Your Device - And Your Patients

Trust: 3.0

Fetched: Sept. 26, 2023, 9:10 a.m., Published: Sept. 25, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs

ASPL 2023-09-01 / CVE-2023-35674 | Threat Intelligence

Trust: 5.5

Fetched: Sept. 24, 2023, 9:49 a.m., Published: Sept. 1, 2023, midnight
 Vulnerabilities: use after free, integer overflow, code execution...
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2023-35658, CVE-2023-35673, CVE-2023-35681, CVE-2023-35674

Severe vulnerability found in all browsers, and it's being attacked | PCWorld

Trust: 4.0

Fetched: Sept. 24, 2023, 9:48 a.m., Published: Sept. 14, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: chrome
db: NVD ids: CVE-2023-4863

The Potential Risks of Dependent Home Systems in Smart Home Automation

Trust: 3.25

Fetched: Sept. 24, 2023, 9:41 a.m., Published: Sept. 22, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home
vendor: google model: google home
vendor: trend model: security
vendor: sonicwall model: remote access