Sign-up

VARIoT news about IoT security

Wi-Fi Hacking: How They Hack Your Wi-Fi - PureVPN Blog

Trust: 3.25

Fetched: Oct. 27, 2023, 9:21 a.m., Published: Oct. 2, 2023, 11:47 a.m.
 Vulnerabilities: default credentials, denial of service
Affected productsExternal IDs
vendor: google model: home
vendor: google model: android
vendor: google model: wifi
vendor: google model: wi-fi router
vendor: apple model: iphone

Weekly Vulnerability Recap - October 16, 2023 - Apple & Linux Vulnerabilities

Related entries in the VARIoT vulnerabilities database: VAR-202310-2564, VAR-202310-0175

Trust: 5.25

Fetched: Oct. 27, 2023, 9:19 a.m., Published: Oct. 16, 2023, 8:38 p.m.
 Vulnerabilities: default credentials, privilege escalation, command injection...
Affected productsExternal IDs
vendor: google model: android
vendor: google model: wifi
vendor: tp-link model: gateway
vendor: tp-link model: routers
vendor: citrix model: netscaler adc
vendor: citrix model: netscaler
vendor: citrix model: gateway
vendor: citrix model: netscaler gateway
vendor: d-link model: router
vendor: cisco model: router
vendor: cisco model: netscaler gateway
vendor: cisco model: routers
db: NVD ids: CVE-2023-4966, CVE-2023-43641, CVE-2023-45208, CVE-2023-4967, CVE-2023-42824, CVE-2023-44487, CVE-2023-5217, CVE-2023-38545

Phosphorus Releases Mitigation Solutions For Critical Cisco IOS XE Zero-Day Vulnerability | MENAFN.COM

Trust: 4.25

Fetched: Oct. 27, 2023, 9:17 a.m., Published: Oct. 17, 2023, 4:16 p.m.
 Vulnerabilities: default credentials, privilege escalation
Affected productsExternal IDs
vendor: cisco model: ios xe software
vendor: cisco model: cisco ios
vendor: cisco model: ios xe
vendor: cisco model: cisco ios xe
vendor: cisco model: access points
vendor: cisco model: routers
db: NVD ids: CVE-2023-20198

Cisco's Discovery: A Second Zero-Day Vulnerability Despite the Decline in Hacked Devices

Related entries in the VARIoT vulnerabilities database: VAR-202103-0773

Trust: 5.5

Fetched: Oct. 27, 2023, 9:16 a.m., Published: Oct. 3, 2023, midnight
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: cisco model: guard
vendor: cisco model: routers
vendor: cisco model: ios xe
db: NVD ids: CVE-2023-20198, CVE-2021-1435, CVE-2023-20273

How Are Ddos Attacks Related To The Internet Of Things (IoT)? | Robots.net

Trust: 3.5

Fetched: Oct. 27, 2023, 9:15 a.m., Published: Oct. 17, 2023, 12:01 a.m.
 Vulnerabilities: default credentials, denial of service, service disruption
Affected productsExternal IDs

Cisco Fixes Widely Exploited IOS XE Vulnerability: What You Need to Know

Trust: 4.75

Fetched: Oct. 27, 2023, 9:13 a.m., Published: Oct. 3, 2023, midnight
 Vulnerabilities: privilege escalation, authentication bypass
Affected productsExternal IDs
vendor: cisco model: ios xe software
vendor: cisco model: cisco ios
vendor: cisco model: ios xe
vendor: cisco model: cisco ios xe
vendor: cisco model: routers
db: NVD ids: CVE-2023-20198

Cyber attack: 'Operation Triangulation' can access memory, take control of iOS device, says Kaspersk- The New Indian Express

Trust: 3.0

Fetched: Oct. 27, 2023, 9:12 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: safari

Phosphorus Releases Mitigation Solutions for Critical Cisco IOS XE Zero-Day Vulnerability | Markets Insider

Trust: 4.25

Fetched: Oct. 27, 2023, 9:11 a.m., Published: March 27, 2023, midnight
 Vulnerabilities: default credentials, privilege escalation
Affected productsExternal IDs
vendor: cisco model: ios xe software
vendor: cisco model: cisco ios
vendor: cisco model: ios xe
vendor: cisco model: cisco ios xe
vendor: cisco model: access points
vendor: cisco model: routers
db: NVD ids: CVE-2023-20198

Cyber attack: 'Operation Triangulation' can access memory, take control of iOS device, says Kaspersky | Technology

Trust: 3.0

Fetched: Oct. 27, 2023, 9:11 a.m., Published: Oct. 27, 2023, 5:40 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: safari

Beyond the Click: Understanding Zero-Click Exploits and Their Impact

Related entries in the VARIoT vulnerabilities database: VAR-201409-1156

Trust: 4.25

Fetched: Oct. 27, 2023, 9:10 a.m., Published: Oct. 16, 2023, 11:03 a.m.
 Vulnerabilities: privilege escalation, code execution, buffer overflow
Affected productsExternal IDs
vendor: apple model: iphone
vendor: essential model: phone
db: NVD ids: CVE-2022-36934, CVE-2014-6271

TheSocialTalks - Navigating the Cyber security Threat Landscape: What You Need to Know

Trust: 3.0

Fetched: Oct. 25, 2023, 9:21 a.m., Published: May 25, 2023, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs

Compromising Android Applications with Intent Manipulation

Trust: 3.75

Fetched: Oct. 25, 2023, 9:21 a.m., Published: Oct. 24, 2023, midnight
 Vulnerabilities: code execution, authentication bypass
Affected productsExternal IDs

Weekly Vulnerability Recap - October 23, 2023 - Cisco, SolarWinds Flaws Make News

Trust: 5.25

Fetched: Oct. 25, 2023, 9:20 a.m., Published: Oct. 23, 2023, 7:57 p.m.
 Vulnerabilities: code execution, access control vulnerability
Affected productsExternal IDs
vendor: cisco model: technical support
vendor: cisco model: ios xe software
vendor: cisco model: ios xe
vendor: trend model: security
vendor: trend micro model: security
db: NVD ids: CVE-2023-20273, CVE-2023-20198, CVE-2023-22515, CVE-2023-42793

Top 20+ Ethical Hacking Tools in 2023 [Paid+Free] | Intellipaat

Trust: 3.5

Fetched: Oct. 25, 2023, 9:20 a.m., Published: Nov. 20, 2020, 6:17 a.m.
 Vulnerabilities: sql injection, cross-site scripting, denial of service...
Affected productsExternal IDs

TALOS-2023-1788 || Cisco Talos Intelligence Group - Comprehensive Threat Intelligence

Related entries in the VARIoT vulnerabilities database: VAR-202310-0300

Trust: 5.25

Fetched: Oct. 25, 2023, 9:19 a.m., Published: Oct. 11, 2023, midnight
 Vulnerabilities: buffer overflow, integer overflow
Affected productsExternal IDs
vendor: cisco model: series
vendor: cisco model: router
db: NVD ids: CVE-2023-35967, CVE-2023-35968

Attacks on 5G Infrastructure From User Devices: ASN.1 Vulnerabilities in 5G Cores

Trust: 3.5

Fetched: Oct. 25, 2023, 9:18 a.m., Published: Oct. 20, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
vendor: trend micro model: security
db: NVD ids: CVE-2022-43677

Design/Logic Flaw in Cisco - Ios Xe - vulnerability database | Vulners.com

Trust: 4.5

Fetched: Oct. 25, 2023, 9:17 a.m., Published: Oct. 4, 2023, 5:15 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: cisco model: cisco iox
vendor: cisco model: cisco iox application
vendor: cisco model: cisco ios xe
vendor: cisco model: ios xe software
vendor: cisco model: ios xe
vendor: cisco model: cisco ios
vendor: cisco model: iox application
vendor: cisco model: ios-xe software
db: NVD ids: CVE-2023-20235

Known issues in Teams Rooms and devices - Microsoft Teams | Microsoft Learn

Trust: 3.0

Fetched: Oct. 25, 2023, 9:17 a.m., Published: Sept. 20, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs

Over 50K Cisco IOS XE Devices Hacked Exploiting Zero-day Flaw

Trust: 4.75

Fetched: Oct. 25, 2023, 9:16 a.m., Published: Oct. 23, 2023, 9:30 a.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: cisco model: cisco ios xe
vendor: cisco model: ios xe software
vendor: cisco model: ios xe
vendor: cisco model: cisco ios
db: NVD ids: CVE-2023-20273, CVE-2023-20198

Protecting Systems from the New HTTP/2 Rapid Reset Vulnerability - Security Boulevard

Related entries in the VARIoT vulnerabilities database: VAR-202310-0175

Trust: 3.75

Fetched: Oct. 25, 2023, 9:16 a.m., Published: Oct. 24, 2023, midnight
 Vulnerabilities: resource exhaustion
Affected productsExternal IDs
db: NVD ids: CVE-2023-44487