VARIoT latest news about IoT security

Pot calls the kettle hack as China claims Uncle Sam did digital sneak peek first \| Vumetric Cyber Portal Trust: 3.25 Fetched: Sept. 24, 2023, 9:40 a.m., Published: Sept. 24, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

huawei

model:

huawei

Kandji - Product updates \| Support for iOS, iPadOS, and tvOS 17 Trust: 3.0 Fetched: Sept. 24, 2023, 9:39 a.m., Published: Sept. 18, 2023, 5:44 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	iphone
vendor:	apple	model:	tvos
vendor:	apple	model:	icloud

What Is IoT? \| Robots.net Trust: 3.25 Fetched: Sept. 24, 2023, 9:38 a.m., Published: Sept. 16, 2023, 10:01 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	home
vendor:	apple	model:	watch
vendor:	trend	model:	security

Multiple Vulnerabilities in Notepad++ Could Allow for Arbitrary Code Execution Trust: 3.25 Fetched: Sept. 24, 2023, 9:37 a.m., Published: Sept. 12, 2023, midnight	Vulnerabilities: code execution

Affected products	External IDs

New Apple Security Updates Patch Zero-Day Vulnerabilities \| Robots.net Trust: 3.75 Fetched: Sept. 24, 2023, 9:37 a.m., Published: Sept. 22, 2023, 10:15 p.m.	Vulnerabilities: certificate validation bug

Affected products

External IDs

vendor:	apple	model:	iphone
vendor:	apple	model:	watchos
vendor:	apple	model:	watch
vendor:	apple	model:	safari
vendor:	apple	model:	webkit
vendor:	apple	model:	macos

Urgent! IOS 17 Threat Uncovered - Update Your Apple Devices Now Trust: 4.75 Fetched: Sept. 24, 2023, 9:36 a.m., Published: Sept. 22, 2023, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	apple	model:	iphone
vendor:	apple	model:	watchos
vendor:	apple	model:	ipad
vendor:	apple	model:	webkit
vendor:	apple	model:	macos

db:

NVD

ids:

CVE-2023-41991, CVE-2023-41993, CVE-2023-41992

Emergency update! Apple patches three zero-days Trust: 4.5 Fetched: Sept. 24, 2023, 9:33 a.m., Published: Sept. 22, 2023, 8:31 p.m.	Vulnerabilities: certificate validation issue, code execution

Affected products

External IDs

vendor:	apple	model:	safari
vendor:	apple	model:	webkit
vendor:	apple	model:	iphone
vendor:	apple	model:	macos
vendor:	apple	model:	ipad

db:

NVD

ids:

CVE-2023-41991, CVE-2023-41993, CVE-2023-41992

Delta Electronics DIAScreen \| CISA Trust: 5.75 Fetched: Sept. 24, 2023, 9:32 a.m., Published: Sept. 1, 2023, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	trend	model:	security
vendor:	trend micro	model:	security

db:

NVD

ids:

CVE-2023-5068

Security Vulnerability fixed in Firefox 117.0.1, Firefox ESR 115.2.1, Firefox ESR 102.15.1, Thunderbird 102.15.1, and Thunderbird 115.2.2 - Mozilla Trust: 3.25 Fetched: Sept. 24, 2023, 9:31 a.m., Published: -	Vulnerabilities: buffer overflow

Affected products	External IDs

Vulnerability Summary for the Week of September 11, 2023 \| CISA Related entries in the VARIoT vulnerabilities database: VAR-201108-0132, VAR-202309-0807, VAR-202309-0729 Trust: 4.25 Fetched: Sept. 24, 2023, 9:27 a.m., Published: Sept. 11, 2023, midnight	Vulnerabilities: service crash, access control vulnerability, command injection...

Affected products

External IDs

vendor:	zoom	model:	client
vendor:	palo	model:	networks
vendor:	google	model:	google chrome
vendor:	google	model:	android
vendor:	google	model:	chrome
vendor:	asus	model:	asus
vendor:	dell	model:	bios
vendor:	cerberus	model:	ftp server
vendor:	palo_alto_networks	model:	networks
vendor:	schneider_electric	model:	igss
vendor:	cisco	model:	ios xr software
vendor:	cisco	model:	cisco ios xr
vendor:	cisco	model:	ios xr
vendor:	cisco	model:	ios_xr
vendor:	cisco	model:	guard
vendor:	cisco	model:	cisco ios
vendor:	node.js	model:	node.js
vendor:	blackberry	model:	link
vendor:	blackberry	model:	blackberry
vendor:	blackberry	model:	style
vendor:	palo alto networks	model:	networks

db:

NVD

ids:

CVE-2023-4501, CVE-2023-4785, CVE-2023-41609, CVE-2023-4907, CVE-2023-3280, CVE-2023-41158, CVE-2023-42503, CVE-2023-39914, CVE-2023-36497, CVE-2023-4902, CVE-2023-39069, CVE-2023-40717, CVE-2023-37875, CVE-2023-41892, CVE-2023-41152, CVE-2023-42468, CVE-2023-36551, CVE-2022-48474, CVE-2023-40308, CVE-2023-2848, CVE-2023-41423, CVE-2023-4060, CVE-2023-25608, CVE-2012-2098, CVE-2023-4307, CVE-2023-20233, CVE-2023-4828, CVE-2023-20190, CVE-2023-39068, CVE-2023-4928, CVE-2023-3039, CVE-2023-36634, CVE-2023-4801, CVE-2023-42469, CVE-2023-41267, CVE-2023-4039, CVE-2023-36638, CVE-2023-4867, CVE-2023-37881, CVE-2023-25519, CVE-2014-5329, CVE-2023-21522, CVE-2023-4900, CVE-2023-4814, CVE-2023-26141, CVE-2023-21520, CVE-2023-4400, CVE-2022-4896, CVE-2023-41593, CVE-2023-41162, CVE-2023-29183, CVE-2023-41775, CVE-2023-4314, CVE-2023-4904, CVE-2023-21521, CVE-2023-41885, CVE-2023-40617, CVE-2023-41879, CVE-2023-4318, CVE-2023-4294, CVE-2023-4879, CVE-2023-34469, CVE-2023-41081, CVE-2023-3301, CVE-2023-36980, CVE-2023-4901, CVE-2023-4852, CVE-2023-4906, CVE-2023-39067, CVE-2023-3712, CVE-2022-48475, CVE-2011-3192, CVE-2023-4807, CVE-2023-39227, CVE-2023-4918, CVE-2023-4568, CVE-2022-35849, CVE-2023-27998, CVE-2023-29463, CVE-2023-20191, CVE-2023-38256, CVE-2023-40309, CVE-2023-4802, CVE-2023-4909, CVE-2023-4851, CVE-2023-41154, CVE-2023-4516, CVE-2023-41256, CVE-2023-41103, CVE-2020-19559, CVE-2023-30962, CVE-2023-4270, CVE-2023-4803, CVE-2023-2705, CVE-2023-36642, CVE-2023-41155, CVE-2021-44172, CVE-2023-39215, CVE-2023-4278, CVE-2023-4850, CVE-2023-26142, CVE-2023-40850, CVE-2023-39208, CVE-2023-4759, CVE-2023-39916, CVE-2023-39780, CVE-2023-37878, CVE-2023-4849, CVE-2023-40032, CVE-2023-20135, CVE-2023-3711, CVE-2023-31468, CVE-2023-39070, CVE-2023-32558, CVE-2023-4878, CVE-2022-47637, CVE-2023-37879, CVE-2023-34984, CVE-2023-4813, CVE-2023-4921, CVE-2023-41331, CVE-2023-3710, CVE-2023-32005, CVE-2023-4863, CVE-2023-39201, CVE-2021-3750, CVE-2023-3255, CVE-2023-3588, CVE-2023-41336, CVE-2023-34470, CVE-2023-39915, CVE-2023-40150, CVE-2023-0119, CVE-2023-4903, CVE-2023-4022, CVE-2023-4905, CVE-2023-2680, CVE-2023-20236, CVE-2023-34041, CVE-2023-4155, CVE-2023-21523, CVE-2023-4908, CVE-2023-40715, CVE-2023-40624, CVE-2023-39073

Siemens LOGO! 8 BM Buffer Overflow (CVE-2022-36361) - vulnerability database \| Vulners.com Related entries in the VARIoT vulnerabilities database: VAR-202210-0505, VAR-202210-0504, VAR-202210-0503 Trust: 3.5 Fetched: Sept. 24, 2023, 9:25 a.m., Published: Sept. 21, 2023, midnight	Vulnerabilities: improper validation, buffer overflow

Affected products

External IDs

db:

NVD

ids:

CVE-2022-36363, CVE-2022-36361, CVE-2022-36362

CVE-2023-23363 & CVE-2023-23364: High-Severity Bugs Unveiled in QNAP's QTS & Multimedia Console Trust: 4.25 Fetched: Sept. 24, 2023, 9:24 a.m., Published: May 24, 2023, midnight	Vulnerabilities: buffer overflow

Affected products

External IDs

db:

NVD

ids:

CVE-2023-23363, CVE-2023-23364

About the security content of iOS 17.0.1 and iPadOS 17.0.1 - Apple Support Trust: 4.5 Fetched: Sept. 24, 2023, 9:23 a.m., Published: Sept. 21, 2023, midnight	Vulnerabilities: certificate validation issue, code execution

Affected products

External IDs

vendor:	apple	model:	webkit
vendor:	apple	model:	iphone
vendor:	apple	model:	ipad air
vendor:	apple	model:	ipad

db:

NVD

ids:

CVE-2023-41991, CVE-2023-41993, CVE-2023-41992

15 Essential Skills for Cybersecurity Analysts in 2023 \| Coursera Trust: 3.75 Fetched: Sept. 24, 2023, 9:22 a.m., Published: Sept. 24, 2023, midnight	Vulnerabilities: sql injection

Affected products

External IDs

vendor:

google

model:

android

Thousands of Juniper firewalls still vulnerable to RCE • The Register Trust: 4.0 Fetched: Sept. 24, 2023, 9:21 a.m., Published: -	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2023-36851, CVE-2023-36847, CVE-2023-36845, CVE-2023-36844, CVE-2023-36846

Azure security baseline for IoT Hub \| Microsoft Learn Trust: 3.0 Fetched: Sept. 24, 2023, 9:20 a.m., Published: Sept. 20, 2023, midnight	Vulnerabilities: -

Affected products	External IDs

IoT Cyber Security: Trends, Challenges And Solutions - Evolution Systems Trust: 4.25 Fetched: Sept. 24, 2023, 9:17 a.m., Published: Sept. 19, 2023, 2:04 a.m.	Vulnerabilities: default password

Affected products

External IDs

vendor:	tesla	model:	model
vendor:	google	model:	wi-fi router
vendor:	google	model:	home
vendor:	raspberry pi	model:	3
vendor:	cisco	model:	router
vendor:	cisco	model:	routers
vendor:	node.js	model:	node.js

The PRTG Network Scanning Tools Trust: 3.0 Fetched: Sept. 24, 2023, 9:17 a.m., Published: Sept. 25, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

paessler

model:

prtg network monitor

16 Best Vulnerability Scanners of 2023 [Expert Review] Trust: 4.25 Fetched: Sept. 24, 2023, 9:15 a.m., Published: Sept. 6, 2022, 10:41 a.m.	Vulnerabilities: cross-site scripting, request forgery, cross-site request forgery...

Affected products

External IDs

vendor:	sophos	model:	endpoint protection
vendor:	sophos	model:	firewall
vendor:	sophos	model:	mobile

The 5 Riskiest Connected Devices in 2023: IT, IoT, OT, IoMT - Forescout Trust: 3.75 Fetched: Sept. 24, 2023, 9:11 a.m., Published: July 13, 2023, 9 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

trend

model:

security

VARIoT news about IoT security