VARIoT latest news about IoT security

Qualcomm chip vulnerability enables remote attack by voice call \| SC Media Related entries in the VARIoT vulnerabilities database: VAR-202401-0655 Trust: 5.5 Fetched: Jan. 3, 2024, 9:29 a.m., Published: Jan. 2, 2024, 10:11 p.m.	Vulnerabilities: memory corruption, integer overflow, buffer overflow...

Affected products

External IDs

vendor:	motorola	model:	motorola
vendor:	motorola	model:	android
vendor:	samsung	model:	samsung galaxy
vendor:	samsung	model:	mobile
vendor:	samsung	model:	galaxy

db:

NVD

ids:

CVE-2023-33036, CVE-2023-33030, CVE-2023-33025, CVE-2023-33032

How to Minimize Disruption in Network Device Vulnerability Assessment Trust: 3.25 Fetched: Jan. 3, 2024, 9:29 a.m., Published: Jan. 3, 2024, midnight	Vulnerabilities: denial of service

Affected products	External IDs

Dangerous vulnerability in fleet management software seemingly ignored by vendor \| CyberScoop Trust: 5.0 Fetched: Jan. 3, 2024, 9:18 a.m., Published: Dec. 6, 2023, 8:48 p.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2023-6248

CVE-2023-32434 Exploited: PoC Unlocks Full Command of iOS Devices Trust: 5.75 Fetched: Jan. 3, 2024, 9:17 a.m., Published: Jan. 2, 2024, 3 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	apple	model:	macos
vendor:	apple	model:	iphone
vendor:	apple	model:	macbook
vendor:	apple	model:	webkit
vendor:	apple	model:	macbook air

db:

NVD

ids:

CVE-2023-32434, CVE-2023-32439

Worm vs Virus: What's the Difference? - Keeper Security Trust: 3.75 Fetched: Jan. 3, 2024, 9:10 a.m., Published: Jan. 2, 2024, 5:24 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

wifi

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Access VPN Unauthorized Access Vulnerability Trust: 5.0 Fetched: Jan. 3, 2024, 9:09 a.m., Published: Oct. 11, 2023, 2:59 p.m.	Vulnerabilities: brute force attack

Affected products

External IDs

vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	firepower management center
vendor:	cisco	model:	firepower threat defense software
vendor:	cisco	model:	ios xr software
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	firepower
vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	nx-os
vendor:	cisco	model:	adaptive security appliance software
vendor:	cisco	model:	clientless ssl vpn
vendor:	cisco	model:	nx-os software
vendor:	cisco	model:	ios xr
vendor:	cisco	model:	ios software
vendor:	cisco	model:	cisco adaptive security appliance software
vendor:	cisco	model:	asa software
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	fxos

Cisco Identity Services Engine Command Injection Vulnerabilities Trust: 4.75 Fetched: Jan. 3, 2024, 9:09 a.m., Published: Nov. 1, 2023, 4 p.m.	Vulnerabilities: command injection

Affected products

External IDs

vendor:	cisco	model:	cisco identity services engine
vendor:	cisco	model:	identity services engine

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Access VPN Denial of Service Vulnerability Trust: 5.0 Fetched: Jan. 3, 2024, 9:08 a.m., Published: Nov. 2, 2023, 1:47 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	firepower management center
vendor:	cisco	model:	firepower threat defense software
vendor:	cisco	model:	cisco firepower management center
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	firepower
vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	adaptive security appliance software
vendor:	cisco	model:	cisco adaptive security appliance software
vendor:	cisco	model:	asa software
vendor:	cisco	model:	adaptive security appliance

Chromium vulnerability affecting Chrome and Edge \| Lookout Threat Intelligence Trust: 4.5 Fetched: Jan. 3, 2024, 9:08 a.m., Published: Jan. 2, 2024, midnight	Vulnerabilities: memory corruption, heap corruption

Affected products

External IDs

vendor:	google	model:	google chrome
vendor:	google	model:	chrome

Cyber watchdog CERT-In issues hack alert on Apple, Samsung products - Times of India Trust: 4.75 Fetched: Jan. 2, 2024, 9:19 a.m., Published: Dec. 15, 2023, 8:19 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	apple	model:	watch
vendor:	apple	model:	apple tv
vendor:	samsung	model:	note

Apple IPhone: iPhone Users Alert! Cybersecurity Experts Warns About Apple iPhone Vulnerability \| Technology & Science News, Times Now Trust: 4.0 Fetched: Jan. 2, 2024, 9:16 a.m., Published: Dec. 29, 2023, 11:31 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

iphone

db:

NVD

ids:

CVE-2023-38606

Google fixes 100 Android security issues in December 2023 - Report \| Technology News - India TV Trust: 5.75 Fetched: Jan. 2, 2024, 9:16 a.m., Published: Jan. 1, 2024, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	google	model:	android
vendor:	apple	model:	webkit
vendor:	apple	model:	iphone

db:

NVD

ids:

CVE-2023-40094, CVE-2023-42890, CVE-2023-36019, CVE-2023-40088, CVE-2023-40078

Apache Struts Vulnerability Affecting Cisco Products: December 2023 Trust: 3.0 Fetched: Jan. 2, 2024, 9:11 a.m., Published: Dec. 21, 2023, 10:23 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	unified contact center enterprise
vendor:	cisco	model:	unified customer voice portal
vendor:	cisco	model:	unified intelligent contact management enterprise
vendor:	cisco	model:	customer voice portal
vendor:	cisco	model:	data center network manager
vendor:	cisco	model:	prime collaboration
vendor:	cisco	model:	unity connection
vendor:	cisco	model:	unified intelligence center
vendor:	cisco	model:	prime infrastructure
vendor:	cisco	model:	nexus
vendor:	cisco	model:	access registrar
vendor:	cisco	model:	hosted collaboration mediation fulfillment
vendor:	cisco	model:	prime collaboration provisioning
vendor:	cisco	model:	packaged contact center enterprise
vendor:	cisco	model:	intelligent contact management
vendor:	cisco	model:	prime collaboration assurance
vendor:	cisco	model:	emergency responder
vendor:	cisco	model:	unified ccx
vendor:	cisco	model:	unified sip proxy software
vendor:	cisco	model:	socialminer
vendor:	cisco	model:	unified communications manager
vendor:	cisco	model:	unified contact center express
vendor:	cisco	model:	prime service catalog
vendor:	cisco	model:	computer telephony integration object server
vendor:	cisco	model:	unified communications manager session management edition
vendor:	cisco	model:	finesse
vendor:	cisco	model:	virtualized voice browser
vendor:	cisco	model:	unified communications
vendor:	cisco	model:	unified intelligent contact management
vendor:	cisco	model:	unified communications manager im & presence service
vendor:	cisco	model:	unity
vendor:	cisco	model:	prime access registrar
vendor:	cisco	model:	prime license manager

Multiple Vulnerabilities in Cisco IOS XE Software Web UI Feature Trust: 4.75 Fetched: Jan. 2, 2024, 9:11 a.m., Published: Nov. 1, 2023, 3:44 p.m.	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	ios xe software

db:

NVD

ids:

CVE-2023-20198

Securing Home Networks and Devices Trust: 3.0 Fetched: Dec. 31, 2023, 9:46 a.m., Published: Dec. 3, 2023, midnight	Vulnerabilities: default credentials

Affected products	External IDs

Understanding BLE and ZigBee Protocols \| Redfox Security Trust: 3.75 Fetched: Dec. 31, 2023, 9:44 a.m., Published: Dec. 28, 2023, 6:29 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

mesh

model:

mesh

Operation Triangulation: Leveraged by Exploiting an Undocumented Hardware Feature in iOS Devices \| Black Hat Ethical Hacking Trust: 3.25 Fetched: Dec. 31, 2023, 9:43 a.m., Published: Dec. 29, 2023, 11:04 a.m.	Vulnerabilities: integer overflow

Affected products	External IDs

FIX Google Chrome Zero Day Vulnerability HTMD Blog Trust: 6.0 Fetched: Dec. 31, 2023, 9:43 a.m., Published: July 23, 2019, 8:42 a.m.	Vulnerabilities: buffer overflow

Affected products

External IDs

vendor:	google	model:	google chrome
vendor:	google	model:	chrome

db:

NVD

ids:

CVE-2023-7024

DDoS Unveiled: The Silent Menace in Cyber Warfare \| Science Times Trust: 4.75 Fetched: Dec. 31, 2023, 9:42 a.m., Published: Dec. 18, 2023, 1:24 a.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

trend

model:

security

This Month in Cybersecurity - December 2023 - In the news - Passbolt community forum Trust: 3.75 Fetched: Dec. 31, 2023, 9:40 a.m., Published: Dec. 29, 2023, 3:30 p.m.	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:	mesh	model:	mesh
vendor:	google	model:	android
vendor:	palo alto networks	model:	networks
vendor:	palo	model:	networks

VARIoT news about IoT security