Sign-up

VARIoT news about IoT security

Cisco Discloses ‘Critical’ Zero-Day Vulnerability In IOS XE | CRN

Trust: 6.25

Fetched: Dec. 6, 2023, 9:29 a.m., Published: Oct. 16, 2023, 12:33 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: cisco model: ios xe
db: NVD ids: CVE-2023-20198

Android Security Update: Android users, Google wants you to download this security update right away

Trust: 3.0

Fetched: Dec. 6, 2023, 9:28 a.m., Published: Dec. 5, 2023, 3:37 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

All About Common Vulnerabilities and Exposures (CVEs)

Trust: 3.5

Fetched: Dec. 6, 2023, 9:27 a.m., Published: Oct. 5, 2023, 10:18 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: chrome
vendor: cisco model: series
db: NVD ids: CVE-2023-4863, CVE-2023-4077, CVE-2021-44189

Android Security Paper 2023: An update on mobile protections

Trust: 3.0

Fetched: Dec. 6, 2023, 9:27 a.m., Published: Oct. 17, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

What to Know about Cisco Duo Windows App Vulnerability | Community

Trust: 4.75

Fetched: Dec. 6, 2023, 9:26 a.m., Published: Dec. 3, 2023, midnight
 Vulnerabilities: directory traversal
Affected productsExternal IDs
db: NVD ids: CVE-2023-20229

All You Need to Know About Android App Vulnerability: Improper Platform Usage - Astra Security Blog

Trust: 3.75

Fetched: Dec. 6, 2023, 9:25 a.m., Published: Sept. 26, 2023, 1:35 p.m.
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs

NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations | CISA

Related entries in the VARIoT vulnerabilities database: VAR-202108-1914, VAR-202112-0566

Trust: 5.25

Fetched: Dec. 6, 2023, 9:22 a.m., Published: Dec. 10, 2023, midnight
 Vulnerabilities: code execution, credential disclosure, password disclosure...
Affected productsExternal IDs
vendor: trend model: security
vendor: essential model: phone
db: NVD ids: CVE-2019-18935, CVE-2021-36942, CVE-2022-24682, CVE-2021-44228, CVE-2022-37042, CVE-2022-27925, CVE-2022-30333, CVE-2022-27924

What Measure Should Be Taken To Secure IoT Devices? | Robots.net

Trust: 3.75

Fetched: Dec. 6, 2023, 9:19 a.m., Published: Sept. 16, 2023, 12:01 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs

Hello Authentication Vulnerabilities Discovered: Stay Safe

Trust: 3.75

Fetched: Dec. 6, 2023, 9:19 a.m., Published: Dec. 1, 2023, 1:34 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: lenovo model: thinkpad
db: NVD ids: CVE-2021-34466

NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2023-4966 and CVE-2023-4967

Trust: 4.0

Fetched: Dec. 6, 2023, 9:18 a.m., Published: Oct. 10, 2023, 12:07 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: citrix model: gateway
vendor: citrix model: netscaler gateway
vendor: citrix model: netscaler
vendor: citrix model: netscaler adc
db: NVD ids: CVE-2023-4967, CVE-2023-4966

Electronics | Free Full-Text | Detection of Vulnerabilities in Smart Buildings Using the Shodan Tool

Related entries in the VARIoT vulnerabilities database: VAR-201706-1000

Trust: 5.0

Fetched: Dec. 6, 2023, 9:16 a.m., Published: Jan. 6, 2023, midnight
 Vulnerabilities: code execution, default password, brute force attack...
Affected productsExternal IDs
vendor: tp-link model: routers
vendor: tp-link model: gateway
vendor: tp-link model: wr841n
vendor: google model: wifi
vendor: google model: home
vendor: d-link model: router
vendor: d-link model: d-link dcs-2121
vendor: d-link model: dcs-2121
vendor: trend model: security
vendor: ecobee model: smart thermostat
vendor: rapid model: scada
vendor: essential model: phone
vendor: siemens model: ip camera
vendor: belkin model: router
vendor: belkin model: wemo switch
db: NVD ids: CVE-2017-15906, CVE-2017-7679, CVE-2018-1312, CVE-2019-0220, CVE-2018-15919, CVE-2019-0211, CVE-2018-17199

Citrix Bleed and Monitoring Network Devices - Eclypsium | Supply Chain Security for the Modern Enterprise

Trust: 4.5

Fetched: Dec. 6, 2023, 9:14 a.m., Published: Dec. 5, 2023, 4 p.m.
 Vulnerabilities: memory corruption, command injection, default credentials
Affected productsExternal IDs
vendor: citrix model: netscaler
vendor: trend model: security
db: NVD ids: CVE-2023-4966

Android 14 Security Release Notes | Android Open Source Project

Trust: 4.75

Fetched: Dec. 6, 2023, 9:13 a.m., Published: Dec. 14, 2023, midnight
 Vulnerabilities: code execution, denial of service, information disclosure
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2023-21385, CVE-2023-21312, CVE-2023-21369, CVE-2023-21346, CVE-2023-21358, CVE-2023-21310, CVE-2023-21330, CVE-2023-21376, CVE-2023-21397, CVE-2022-27404, CVE-2023-21347, CVE-2023-21301, CVE-2023-21303, CVE-2023-21320, CVE-2023-21326, CVE-2023-21352, CVE-2022-20531, CVE-2023-21306, CVE-2023-21364, CVE-2023-21331, CVE-2023-21370, CVE-2023-21328, CVE-2023-21383, CVE-2023-21386, CVE-2023-21296, CVE-2023-21305, CVE-2023-21323, CVE-2023-21335, CVE-2023-21311, CVE-2023-21334, CVE-2023-21338, CVE-2023-21342, CVE-2023-21343, CVE-2023-21294, CVE-2023-21390, CVE-2023-21293, CVE-2023-21319, CVE-2023-21344, CVE-2023-21391, CVE-2023-21374, CVE-2023-21388, CVE-2023-21380, CVE-2023-21375, CVE-2023-21336, CVE-2023-21393, CVE-2023-21396, CVE-2022-20264, CVE-2023-21318, CVE-2023-21314, CVE-2023-21356, CVE-2023-21333, CVE-2023-21357, CVE-2023-21316, CVE-2023-21329, CVE-2023-21321, CVE-2023-21360, CVE-2023-40101, CVE-2023-21309, CVE-2023-21362, CVE-2023-21373, CVE-2023-21337, CVE-2023-21384, CVE-2023-21395, CVE-2023-21351, CVE-2023-21325, CVE-2023-21348, CVE-2022-29824, CVE-2023-21315, CVE-2023-21340, CVE-2023-21355, CVE-2023-21372, CVE-2023-21317, CVE-2023-21300, CVE-2023-21350, CVE-2023-21389, CVE-2023-21377, CVE-2023-21302, CVE-2023-21387, CVE-2023-21367, CVE-2023-21339, CVE-2023-21371, CVE-2023-21392, CVE-2023-21379, CVE-2023-21327, CVE-2023-21349, CVE-2023-21313, CVE-2023-21297, CVE-2023-21398, CVE-2023-21394, CVE-2023-21308, CVE-2023-35678, CVE-2023-21345, CVE-2023-21307, CVE-2023-21324, CVE-2023-21381, CVE-2023-21366, CVE-2023-21299, CVE-2023-21354, CVE-2023-45780, CVE-2023-21365, CVE-2023-21332, CVE-2023-21361, CVE-2023-21304, CVE-2023-21368, CVE-2021-39810, CVE-2023-21378, CVE-2023-21295, CVE-2023-21353, CVE-2023-21359, CVE-2023-21382, CVE-2023-21341, CVE-2023-21298

SSA-292063

Trust: 5.5

Fetched: Dec. 5, 2023, 9:30 a.m., Published: June 22, 2003, midnight
 Vulnerabilities: sql injection, denial of service
Affected productsExternal IDs
vendor: nozomi model: networks guardian
vendor: nozomi model: guardian
db: NVD ids: CVE-2023-29245, CVE-2023-2567, CVE-2023-32649

Exploited Vulnerabilities Can Take Months to Make KEV List

Trust: 4.75

Fetched: Dec. 5, 2023, 9:27 a.m., Published: Dec. 5, 2023, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2023-27532

CVE-2023-48697 - vulnerability database | Vulners.com

Trust: 4.0

Fetched: Dec. 5, 2023, 9:26 a.m., Published: Dec. 5, 2023, 1:15 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2023-48697

CVE-2023-48695 - vulnerability database | Vulners.com

Trust: 4.0

Fetched: Dec. 5, 2023, 9:26 a.m., Published: Dec. 5, 2023, 1:15 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2023-48695

New P2PInfect Botnet MIPS Variant Targeting Routers and IoT Devices

Trust: 3.0

Fetched: Dec. 5, 2023, 9:25 a.m., Published: Dec. 4, 2023, 11:03 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-0543

CVE-2023-48698 - vulnerability database | Vulners.com

Trust: 3.0

Fetched: Dec. 5, 2023, 9:20 a.m., Published: Dec. 5, 2023, 1:15 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2023-48698

Significant Zyxel vulnerabilities addressed | SC Media

Trust: 3.25

Fetched: Dec. 5, 2023, 9:20 a.m., Published: Dec. 1, 2023, 5:18 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-46604