VARIoT latest news about IoT security

How to Remove Viruses & Malware from Smartphones in 2023 Trust: 3.5 Fetched: Nov. 14, 2023, 9:06 a.m., Published: Dec. 26, 2019, 12:59 p.m.	Vulnerabilities: weak password

Affected products

External IDs

vendor:	apple	model:	icloud
vendor:	apple	model:	itunes
vendor:	apple	model:	iphone
vendor:	huawei	model:	huawei p30
vendor:	huawei	model:	huawei
vendor:	google	model:	android
vendor:	google	model:	home

What Is Network Vulnerability Scanning? Complete Guide Trust: 4.75 Fetched: Nov. 14, 2023, 9:05 a.m., Published: Oct. 24, 2023, 8:26 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

manageengine

model:

network configuration manager

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SAML Assertion Hijack Vulnerability - Cisco Trust: 3.0 Fetched: Nov. 12, 2023, 9:28 a.m., Published: Nov. 11, 2023, 10:05 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	firepower
vendor:	cisco	model:	cisco adaptive security appliance software
vendor:	cisco	model:	firepower management center
vendor:	cisco	model:	asa software
vendor:	cisco	model:	adaptive security appliance software
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	cisco firepower management center
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	firepower threat defense software

Security Advisory for Pre-authentication Buffer Overflow on the CAX30, PSV-2023-0093 - NETGEAR Support Trust: 4.75 Fetched: Nov. 12, 2023, 9:27 a.m., Published: -	Vulnerabilities: buffer overflow

Affected products

External IDs

vendor:	trend	model:	security
vendor:	trend micro	model:	security
vendor:	netgear	model:	orbi

Threat Actors Exploiting Cisco IOS XE Zero-day Vulnerability Related entries in the VARIoT vulnerabilities database: VAR-202103-0773 Trust: 5.5 Fetched: Nov. 12, 2023, 9:20 a.m., Published: Oct. 17, 2023, 12:17 p.m.	Vulnerabilities: arbitrary command execution, command execution, privilege escalation

Affected products

External IDs

vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	router
vendor:	cisco	model:	cisco ios
vendor:	snort	model:	snort

db:

NVD

ids:

CVE-2023-20198, CVE-2021-1435

Glossary Trust: 3.0 Fetched: Nov. 12, 2023, 9:18 a.m., Published: Nov. 13, 2023, midnight	Vulnerabilities: -

Affected products	External IDs

Firmware Vulnerabilities You Don’t Want in Your Product Trust: 3.5 Fetched: Nov. 12, 2023, 9:18 a.m., Published: Oct. 30, 2023, 2 p.m.	Vulnerabilities: authentication bypass, injection attack, buffer overflow...

Affected products	External IDs

Network Vulnerability Scanning: Types & Tools - Sapphire.net Trust: 3.5 Fetched: Nov. 12, 2023, 9:12 a.m., Published: Oct. 18, 2023, 4:48 a.m.	Vulnerabilities: privilege escalation, denial of service

Affected products	External IDs

Smart TVs, Refrigerators Used in Internet-of-Things Cyberattack - bitdefendercentralhub Trust: 3.5 Fetched: Nov. 10, 2023, 9:35 a.m., Published: Oct. 24, 2023, 12:11 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	trend	model:	security
vendor:	google	model:	home

Pwning Electroencephalogram (EEG) Medical Devices by Default Trust: 4.5 Fetched: Nov. 10, 2023, 9:28 a.m., Published: Nov. 10, 2023, midnight	Vulnerabilities: code execution, default credentials, default password

Affected products

External IDs

vendor:

natus

model:

neuroworks software

Multiple Vulnerabilities in Google Android OS Could Allow for Privilege Escalation Trust: 5.25 Fetched: Nov. 10, 2023, 9:24 a.m., Published: Nov. 7, 2023, midnight	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:

google

model:

android

Apache ActiveMQ vulnerability used in ransomware attacks \| Malwarebytes Trust: 3.75 Fetched: Nov. 10, 2023, 9:19 a.m., Published: Nov. 3, 2023, 4:41 p.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2023-46604

37 Vulnerabilities Patched 2023 Android Security Updates Related entries in the VARIoT vulnerabilities database: VAR-202311-1173, VAR-202311-0169, VAR-202311-1596, VAR-202311-1527 Trust: 5.75 Fetched: Nov. 10, 2023, 9:18 a.m., Published: Nov. 9, 2023, 5:18 a.m.	Vulnerabilities: code execution, information disclosure, privilege escalation...

Affected products

External IDs

vendor:

google

model:

android

db:

NVD

ids:

CVE-2023-32836, CVE-2023-28469, CVE-2023-32832, CVE-2023-32834, CVE-2023-28574, CVE-2023-32835, CVE-2023-21671, CVE-2023-40113, CVE-2023-33045, CVE-2023-33059, CVE-2023-20702, CVE-2023-33055, CVE-2023-33074, CVE-2023-32837, CVE-2023-33031, CVE-2023-22388

QNAP warns about critical vulnerabilities in NAS systems \| Malwarebytes Trust: 4.75 Fetched: Nov. 10, 2023, 9:17 a.m., Published: Nov. 8, 2023, 11:34 a.m.	Vulnerabilities: weak password, command injection, os command injection

Affected products

External IDs

db:

NVD

ids:

CVE-2023-23368, CVE-2023-23369

Vulnerability Report: CVE-2023-4966 Citrix Bleed Trust: 5.5 Fetched: Nov. 10, 2023, 9:15 a.m., Published: Nov. 3, 2023, midnight	Vulnerabilities: information disclosure

Affected products

External IDs

vendor:	citrix	model:	netscaler gateway
vendor:	citrix	model:	netscaler
vendor:	citrix	model:	netscaler adc
vendor:	citrix	model:	gateway

db:

NVD

ids:

CVE-2023-4966

Threat Brief: Citrix Bleed CVE-2023-4966 Trust: 5.25 Fetched: Nov. 10, 2023, 9:10 a.m., Published: Nov. 1, 2023, 9:17 p.m.	Vulnerabilities: information disclosure, session hijacking

Affected products

External IDs

vendor:	citrix	model:	netscaler gateway
vendor:	citrix	model:	netscaler
vendor:	citrix	model:	netscaler adc
vendor:	citrix	model:	gateway
vendor:	palo alto networks	model:	networks
vendor:	palo alto networks	model:	firewall
vendor:	palo	model:	networks
vendor:	palo	model:	firewall

db:

NVD

ids:

CVE-2023-4967, CVE-2023-4966

Cybersecurity vulnerability analysis of medical devices purchased by national health services \| Scientific Reports Related entries in the VARIoT vulnerabilities database: VAR-202008-0248 Trust: 3.75 Fetched: Nov. 10, 2023, 9:04 a.m., Published: Nov. 9, 2023, midnight	Vulnerabilities: sql injection

Affected products

External IDs

db:

NVD

ids:

CVE-2020-1472

Cisco Identity Services Engine Arbitrary File Upload Vulnerabi... \| Tenable® Trust: 3.0 Fetched: Nov. 8, 2023, 9:23 a.m., Published: Nov. 6, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	identity_services_engine
vendor:	cisco	model:	identity services engine
vendor:	cisco	model:	cisco identity services engine

Citrix NetScaler - Memory Leak (CVE-2023-4966) - Vulnerability & Exploit Database Trust: 5.0 Fetched: Nov. 8, 2023, 9:19 a.m., Published: Nov. 9, 2023, midnight	Vulnerabilities: memory leak

Affected products

External IDs

vendor:	citrix	model:	netscaler gateway
vendor:	citrix	model:	gateway
vendor:	citrix	model:	netscaler adc
vendor:	citrix	model:	netscaler

db:

NVD

ids:

CVE-2023-4966

What the new ‘iLeakage’ research tells us about potential security flaws in Apple Arm chips \| SC Media Trust: 3.75 Fetched: Nov. 8, 2023, 9:16 a.m., Published: March 7, 2023, 7 p.m.	Vulnerabilities: side channel attack

Affected products

External IDs

vendor:	apple	model:	macos
vendor:	apple	model:	webkit
vendor:	apple	model:	safari
vendor:	apple	model:	iphone

VARIoT news about IoT security