Sign-up

VARIoT news about IoT security

Google issues critical Chrome patch addressing active zero-day

Trust: 5.5

Fetched: Dec. 15, 2023, 9:46 a.m., Published: Dec. 3, 2023, midnight
 Vulnerabilities: validation bypass, command execution, command injection...
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome
vendor: google model: android
db: NVD ids: CVE-2023-35138, CVE-2023-49103, CVE-2023-6345, CVE-2023-4473, CVE-2023-35137, CVE-2023-37927, CVE-2023-4474

2023 'ASTORS' Honors Homeland Security & Public Safety (A - GL) - American Security Today

Trust: 3.25

Fetched: Dec. 15, 2023, 9:43 a.m., Published: Nov. 29, 2023, 7 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: hewlett packard model: stream
vendor: hewlett packard model: integrity
vendor: hewlett packard model: network automation
vendor: hewlett packard model: 360
vendor: zoom model: client
vendor: rapid model: scada
vendor: ati systems model: mhpss
vendor: axis communications model: communications
vendor: axis communications model: ptz network camera
vendor: axis communications model: network camera
vendor: rockwell model: arena
vendor: hewlett packard enterprise model: stream
vendor: hewlett packard enterprise model: integrity
vendor: hewlett packard enterprise model: network automation
vendor: hewlett packard enterprise model: 360
vendor: axis model: communications
vendor: axis model: ptz network camera
vendor: axis model: network camera
vendor: rockwell automation model: arena

5 Vulnerabilities on SEL-451 Allow Authentication Bypass & DoS

Trust: 4.5

Fetched: Dec. 15, 2023, 9:42 a.m., Published: -
 Vulnerabilities: authentication bypass, cross-site scripting
Affected productsExternal IDs
db: NVD ids: CVE-2023-34390, CVE-2023-31176, CVE-2023-31776, CVE-2023-34388, CVE-2023-34389, CVE-2023-31177

Google issues critical Chrome patch addressing active zero-day

Trust: 5.5

Fetched: Dec. 15, 2023, 9:40 a.m., Published: Dec. 3, 2023, midnight
 Vulnerabilities: validation bypass, command execution, command injection...
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome
vendor: google model: android
db: NVD ids: CVE-2023-35138, CVE-2023-49103, CVE-2023-6345, CVE-2023-4473, CVE-2023-35137, CVE-2023-37927, CVE-2023-4474

Using Samsung Galaxy S23, Samsung Galaxy Z Fold 5, Samsung Galaxy Z Flip 5, Samsung gallaxy S22 and other phones? Indian Govt has warning for you! Update your phone now | Technology & Science News, Times Now

Trust: 3.75

Fetched: Dec. 15, 2023, 9:40 a.m., Published: Dec. 5, 2023, midnight
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: samsung model: knox
vendor: samsung model: galaxy
vendor: samsung model: samsung galaxy
vendor: google model: android

Alert for Samsung smartphone users: CERT-In warns of high-risk vulnerabilities | Technology News - India TV

Trust: 3.5

Fetched: Dec. 15, 2023, 9:39 a.m., Published: Dec. 15, 2023, 1:12 p.m.
 Vulnerabilities: buffer overflow, integer overflow
Affected productsExternal IDs
vendor: samsung model: knox
vendor: samsung model: galaxy
vendor: samsung model: note
vendor: samsung model: samsung galaxy
vendor: google model: chrome
vendor: google model: pixel
vendor: google model: google chrome
vendor: google model: android

Govt issues high-risk alert for Samsung mobile users

Trust: 3.5

Fetched: Dec. 15, 2023, 9:33 a.m., Published: Dec. 14, 2023, 8:13 p.m.
 Vulnerabilities: buffer overflow, improper access control, integer overflow
Affected productsExternal IDs
vendor: samsung model: mobile
vendor: samsung model: galaxy
vendor: samsung model: note
vendor: samsung model: samsung mobile
vendor: samsung model: knox

Siemens SICAM Q100 Devices | CISA

Related entries in the VARIoT vulnerabilities database: VAR-202306-0890, VAR-202306-0889

Trust: 4.5

Fetched: Dec. 15, 2023, 9:33 a.m., Published: Jan. 10, 2023, midnight
 Vulnerabilities: cross-site request forgery, request forgery
Affected productsExternal IDs
vendor: siemens model: sicam
db: NVD ids: CVE-2023-30901, CVE-2023-31238

Armis is Named a Leader in Three 2023 Quadrant SPARK Matrix™ Reports | Armis

Trust: 3.0

Fetched: Dec. 15, 2023, 9:32 a.m., Published: Dec. 11, 2023, 9:53 p.m.
 Vulnerabilities: -
Affected productsExternal IDs

Navigating the Cybersecurity Maze: Unraveling the Delta InfraSuite Device Master Vulnerabilities

Trust: 4.5

Fetched: Dec. 15, 2023, 9:31 a.m., Published: Dec. 3, 2023, midnight
 Vulnerabilities: path traversal, improper access control, command injection...
Affected productsExternal IDs
db: NVD ids: CVE-2023-1143, CVE-2023-1134, CVE-2023-1141, CVE-2023-47279, CVE-2023-1137, CVE-2023-47207, CVE-2023-39226

Samsung users alert! Government warns against THIS critical risk: Here's how to stay safe | Mint

Trust: 3.5

Fetched: Dec. 15, 2023, 9:26 a.m., Published: Dec. 15, 2023, midnight
 Vulnerabilities: memory corruption, buffer overflow, integer overflow
Affected productsExternal IDs
vendor: samsung model: knox
vendor: samsung model: mobile
vendor: samsung model: galaxy
vendor: samsung model: samsung mobile
vendor: samsung model: samsung galaxy

10 Network Security Threats Everyone Should Know | eSP

Trust: 3.5

Fetched: Dec. 15, 2023, 9:25 a.m., Published: March 16, 2023, 11:21 p.m.
 Vulnerabilities: brute force attack, denial of service, cross-site scripting
Affected productsExternal IDs

IoT malware: An attribute-based taxonomy, detection mechanisms and challenges | Peer-to-Peer Networking and Applications

Related entries in the VARIoT vulnerabilities database: VAR-202007-1393

Trust: 4.25

Fetched: Dec. 15, 2023, 9:22 a.m., Published: May 1, 2023, midnight
 Vulnerabilities: default password, command injection, denial of service...

What Is a Man-in-the Middle (MITM) Attack? Types & Examples | Fortinet

Trust: 3.75

Fetched: Dec. 15, 2023, 9:11 a.m., Published: Dec. 15, 2023, midnight
 Vulnerabilities: session hijacking
Affected productsExternal IDs

Microsoft patches 34 vulnerabilities, including one zero-day | Malwarebytes

Trust: 6.0

Fetched: Dec. 15, 2023, 9:10 a.m., Published: Dec. 13, 2023, 4:39 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2023-50164, CVE-2023-35628

This is how to protect your computers from LogoFAIL attacks | ZDNET

Trust: 4.5

Fetched: Dec. 15, 2023, 9:09 a.m., Published: Dec. 7, 2023, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: dell model: bios
vendor: lenovo model: updates
vendor: lenovo model: system
vendor: lenovo model: bios
vendor: apple model: iphone
vendor: apple model: ipad

The Evolution of Cybersecurity: Navigating Challenges in the Coming Tech Landscape - TechBullion

Trust: 3.75

Fetched: Dec. 13, 2023, 9:45 a.m., Published: Dec. 1, 2023, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs

Top 100+ Cyber Security Interview Questions and Answers

Trust: 3.5

Fetched: Dec. 13, 2023, 9:43 a.m., Published: Dec. 4, 2023, 11:38 a.m.
 Vulnerabilities: denial of service, brute force attack, cross-site scripting...
Affected productsExternal IDs
vendor: wireshark model: wireshark

Kali Linux Penetration Testing (Advanced) Schulung

Trust: 3.25

Fetched: Dec. 13, 2023, 9:43 a.m., Published: Nov. 15, 2023, midnight
 Vulnerabilities: buffer overflow
Affected productsExternal IDs

Researchers Exploited GOG Galaxy XPC Service in macOS

Trust: 4.0

Fetched: Dec. 13, 2023, 9:41 a.m., Published: Dec. 9, 2023, 6:38 a.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2023-40713