VARIoT latest news about IoT security

How Much Does It Cost to Install Home Automation System? - ByRetreat Trust: 3.5 Fetched: Feb. 23, 2024, 10:06 a.m., Published: Jan. 27, 2024, 6:56 p.m.	Vulnerabilities: default credentials

Affected products	External IDs

What Are the Disadvantages of Motion Sensor Lights? - ByRetreat Trust: 3.5 Fetched: Feb. 23, 2024, 10:04 a.m., Published: Jan. 26, 2024, 4:01 p.m.	Vulnerabilities: default credentials

Affected products	External IDs

New Vulnerability in Fortinet FortiOS Exposes Devices to Remote Code Execution Related entries in the VARIoT vulnerabilities database: VAR-202212-1132 Trust: 5.0 Fetched: Feb. 23, 2024, 10:02 a.m., Published: Feb. 19, 2024, 6:28 a.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:

ansible

model:

ansible

db:

NVD

ids:

CVE-2023-34992, CVE-2022-42475, CVE-2024-21762, CVE-2024-23108, CVE-2023-27997, CVE-2024-23109

Security Advisory for Post-Authentication Command Injection on the R7000, PSV-2023-0154 - NETGEAR Support Trust: 4.0 Fetched: Feb. 23, 2024, 10:02 a.m., Published: -	Vulnerabilities: command injection

Affected products

External IDs

vendor:	netgear	model:	orbi
vendor:	netgear	model:	r7000

Go Vulnerability Database - Go Packages Trust: 4.0 Fetched: Feb. 23, 2024, 10:01 a.m., Published: Feb. 20, 2024, midnight	Vulnerabilities: cross-site scripting

Affected products	External IDs

What Are the Advantages and Disadvantages of Smart Home? - ByRetreat Trust: 3.5 Fetched: Feb. 23, 2024, 9:59 a.m., Published: Jan. 31, 2024, 7:25 a.m.	Vulnerabilities: default credentials

Affected products	External IDs

What's the Difference Between Kasa and Tapo? - ByRetreat Trust: 3.5 Fetched: Feb. 23, 2024, 9:58 a.m., Published: Jan. 26, 2024, 2:49 p.m.	Vulnerabilities: default credentials

Affected products	External IDs

How Do I Integrate Nest Thermostat With Home Assistant? - ByRetreat Trust: 4.5 Fetched: Feb. 23, 2024, 9:56 a.m., Published: Jan. 31, 2024, 5:31 a.m.	Vulnerabilities: default credentials

Affected products

External IDs

vendor:

home assistant

model:

home assistant

New Wi-Fi Vulnerabilities Expose Android and Linux Devices to Hackers - Patabook Technology Trust: 4.25 Fetched: Feb. 23, 2024, 9:55 a.m., Published: Feb. 21, 2024, 10:41 p.m.	Vulnerabilities: authentication bypass

Affected products

External IDs

db:

NVD

ids:

CVE-2023-52160, CVE-2023-52161

Bluetooth Flaw: Multi-OS Takeover Risk! 🚨📱 - Impulsec Trust: 4.5 Fetched: Feb. 23, 2024, 9:54 a.m., Published: Jan. 17, 2024, 10:54 a.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	google	model:	pixel
vendor:	google	model:	android
vendor:	apple	model:	macbook pro
vendor:	apple	model:	macbook
vendor:	apple	model:	iphone
vendor:	apple	model:	macbook air
vendor:	apple	model:	macos

db:

NVD

ids:

CVE-2024-21306, CVE-2023-45866

Does Bell Smart Home Work Without Internet? - ByRetreat Trust: 3.5 Fetched: Feb. 23, 2024, 9:48 a.m., Published: Jan. 29, 2024, 3:53 a.m.	Vulnerabilities: default credentials

Affected products	External IDs

What Thermostats Are Compatible With Savant? - ByRetreat Trust: 3.5 Fetched: Feb. 23, 2024, 9:46 a.m., Published: Jan. 29, 2024, 6:11 a.m.	Vulnerabilities: default credentials

Affected products	External IDs

DNSSEC vulnerability puts big chunk of the internet at risk • The Register Trust: 3.75 Fetched: Feb. 23, 2024, 9:45 a.m., Published: -	Vulnerabilities: denial of service

Affected products

External IDs

db:

NVD

ids:

CVE-2023-5679, CVE-2023-5517, CVE-2023-4408, CVE-2023-6516, CVE-2023-50387, CVE-2023-50868

Cisco Releases Security Advisory for Vulnerabilities in Cisco Expressway Series \| CISA Trust: 3.0 Fetched: Feb. 23, 2024, 9:44 a.m., Published: Feb. 23, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	series
vendor:	cisco	model:	expressway
vendor:	cisco	model:	cisco expressway
vendor:	cisco	model:	expressway series

Cisco Unified Intelligence Center Insufficient Access Contro... - vulnerability database \| Vulners.com Trust: 3.0 Fetched: Feb. 23, 2024, 9:42 a.m., Published: Feb. 21, 2024, 4 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	unified intelligence center
vendor:	cisco	model:	cisco unified intelligence center

Cisco Unified Intelligence Center Insufficient Access Control Vulnerability Trust: 5.0 Fetched: Feb. 23, 2024, 9:41 a.m., Published: Feb. 21, 2024, 3:57 p.m.	Vulnerabilities: access control vulnerability

Affected products

External IDs

vendor:	cisco	model:	cisco unified intelligence center
vendor:	cisco	model:	unified intelligence center

The Rise of Connected Medical Devices: New Security Risks and How to Mitigate Them Trust: 3.0 Fetched: Feb. 23, 2024, 9:40 a.m., Published: Feb. 3, 2024, midnight	Vulnerabilities: -

Affected products	External IDs

Apple Shortcuts Zero-Click Vulnerability Enables Covert Data Theft - VULNERA Trust: 3.75 Fetched: Feb. 23, 2024, 9:34 a.m., Published: Feb. 22, 2024, 8:39 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	trend	model:	security
vendor:	apple	model:	webkit
vendor:	apple	model:	watchos
vendor:	apple	model:	icloud
vendor:	apple	model:	safari
vendor:	apple	model:	macos

db:

NVD

ids:

CVE-2024-23204, CVE-2024-23222

New Wi-Fi Vulnerabilities Expose Android and Linux Devices to Hackers - BU-CERT Trust: 4.25 Fetched: Feb. 23, 2024, 9:32 a.m., Published: Feb. 19, 2024, midnight	Vulnerabilities: authentication bypass

Affected products

External IDs

db:

NVD

ids:

CVE-2023-52160, CVE-2023-52161

Apple's reply on device vulnerability not totally clear: MoS IT on iPhone alert to MPs Trust: 3.25 Fetched: Feb. 23, 2024, 9:31 a.m., Published: Feb. 19, 2024, 10:48 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

iphone

VARIoT news about IoT security