Sign-up

VARIoT news about IoT security

SSA-843070

Trust: 5.25

Fetched: Oct. 15, 2023, 9:21 a.m., Published: Oct. 1, 2023, midnight
 Vulnerabilities: input validation vulnerability, code execution, denial of service...
Affected productsExternal IDs
vendor: aruba model: instantos
vendor: aruba model: arubaos
db: NVD ids: CVE-2023-22790, CVE-2023-22785, CVE-2023-22789, CVE-2023-22780, CVE-2023-22782, CVE-2023-22786, CVE-2023-22779, CVE-2023-22783, CVE-2023-22791, CVE-2023-22788, CVE-2023-22787, CVE-2023-22781, CVE-2023-22784

Azure threat protection | Microsoft Learn

Trust: 4.25

Fetched: Oct. 15, 2023, 9:18 a.m., Published: Jan. 20, 2023, midnight
 Vulnerabilities: file inclusion, sql injection, command execution...
Affected productsExternal IDs
vendor: imperva model: web application firewall
vendor: barracuda model: running
vendor: barracuda model: web application firewall
vendor: barracuda model: barracuda

Vulnerability Disclosure Program - Qwilr

Trust: 3.75

Fetched: Oct. 15, 2023, 9:18 a.m., Published: Oct. 2, 2023, midnight
 Vulnerabilities: privilege escalation, code execution, denial of service
Affected productsExternal IDs

Released 09 October 2023 CVE (Common Vulnerabilities and Exposures)

Trust: 4.75

Fetched: Oct. 15, 2023, 9:16 a.m., Published: Oct. 9, 2023, midnight
 Vulnerabilities: request forgery, information exposure, cross-site scripting...
Affected productsExternal IDs
vendor: lenovo model: notebook
db: NVD ids: CVE-2023-45353, CVE-2023-44378, CVE-2023-45612, CVE-2023-43700, CVE-2023-5100, CVE-2023-44236, CVE-2023-45350, CVE-2023-43643, CVE-2023-44238, CVE-2023-43699, CVE-2023-45352, CVE-2023-45356, CVE-2023-45373, CVE-2023-45369, CVE-2023-45351, CVE-2023-43697, CVE-2023-44246, CVE-2023-25822, CVE-2022-35950, CVE-2023-45372, CVE-2023-36820, CVE-2023-5333, CVE-2023-44393, CVE-2023-39194, CVE-2023-41667, CVE-2023-44240, CVE-2023-44237, CVE-2023-5103, CVE-2023-43698, CVE-2023-41660, CVE-2023-44232, CVE-2023-5330, CVE-2023-5460, CVE-2023-5459, CVE-2023-45371, CVE-2023-45613, CVE-2023-39193, CVE-2023-45370, CVE-2023-45354, CVE-2023-41669, CVE-2023-39192, CVE-2023-5331, CVE-2022-3431, CVE-2023-3589, CVE-2023-45247, CVE-2023-45374, CVE-2023-44231, CVE-2023-45248, CVE-2023-45349, CVE-2023-45364, CVE-2023-45367, CVE-2023-43696, CVE-2023-41670, CVE-2023-44993, CVE-2023-5101, CVE-2023-41672, CVE-2023-44260, CVE-2023-39189, CVE-2023-41668, CVE-2023-45363, CVE-2023-45355

How to Protect Your Personal Devices and Data from Cyber Threats

Trust: 3.5

Fetched: Oct. 15, 2023, 9:14 a.m., Published: Oct. 3, 2023, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: google model: wifi
vendor: apple model: watch

ERROR: The request could not be satisfied

Trust: 3.25

Fetched: Oct. 15, 2023, 9:11 a.m., Published: Oct. 15, 2021, midnight
 Vulnerabilities: configuration error
Affected productsExternal IDs

The Rising Security Risk and Mitigation Options for IoT Devices

Trust: 3.75

Fetched: Oct. 15, 2023, 9:11 a.m., Published: -
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: series

Siemens SICAM PAS/PQS | CISA

Related entries in the VARIoT vulnerabilities database: VAR-202310-0215

Trust: 3.5

Fetched: Oct. 13, 2023, 9:25 a.m., Published: Jan. 10, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: sicam pas/pqs
vendor: siemens model: sicam
vendor: siemens model: sicam pas
db: NVD ids: CVE-2023-38640

Siemens Xpedition Layout Browser | CISA

Trust: 3.75

Fetched: Oct. 13, 2023, 9:25 a.m., Published: Jan. 10, 2023, midnight
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2023-30900

Fortifying IoT Devices: Unraveling the Art of Securing Embedded Systems | Tripwire

Trust: 3.75

Fetched: Oct. 13, 2023, 9:24 a.m., Published: Oct. 13, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: essential model: phone

Google Cloud, AWS, and Cloudflare report largest DDoS attacks ever | ZDNET

Related entries in the VARIoT vulnerabilities database: VAR-202310-0175

Trust: 4.75

Fetched: Oct. 13, 2023, 9:24 a.m., Published: Oct. 13, 2023, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2023-44487

.NET October 2023 Updates - .NET 7.0.12, .NET 6.0.23 - .NET Blog

Related entries in the VARIoT vulnerabilities database: VAR-202310-0175

Trust: 4.75

Fetched: Oct. 13, 2023, 9:23 a.m., Published: Oct. 10, 2023, 5:04 p.m.
 Vulnerabilities: memory leak, denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2023-44487, CVE-2023-38171, CVE-2023-36435

SSA-594373

Related entries in the VARIoT vulnerabilities database: VAR-202310-0197

Trust: 5.0

Fetched: Oct. 13, 2023, 9:22 a.m., Published: Oct. 1, 2023, midnight
 Vulnerabilities: code execution, cross-site scripting
Affected productsExternal IDs
db: NVD ids: CVE-2023-35796

Badbox Operation Targets Android Devices in Fraud Schemes

Trust: 3.0

Fetched: Oct. 13, 2023, 9:21 a.m., Published: Oct. 10, 2023, 8:30 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

10 zero-day vulnerabilities in industrial cell router could lead to code execution, buffer overflows

Trust: 5.5

Fetched: Oct. 13, 2023, 9:21 a.m., Published: Oct. 11, 2023, 4 p.m.
 Vulnerabilities: code execution, authentication bypass, buffer overflow
Affected productsExternal IDs
vendor: snort model: snort
vendor: apple model: webkit
vendor: apple model: safari
vendor: snort.org model: snort
vendor: cisco model: router
db: NVD ids: CVE-2023-32632, CVE-2023-24479, CVE-2023-39928, CVE-2023-32645

HTTP/2 Rapid Reset Vulnerability, CVE-2023-44487 | CISA

Related entries in the VARIoT vulnerabilities database: VAR-202310-0175

Trust: 3.25

Fetched: Oct. 13, 2023, 9:21 a.m., Published: Oct. 2, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-44487

ICS Patch Tuesday: Siemens Ruggedcom Devices Affected by Nozomi Component Flaws - SecurityWeek

Related entries in the VARIoT vulnerabilities database: VAR-202310-0161

Trust: 4.5

Fetched: Oct. 13, 2023, 9:21 a.m., Published: Oct. 11, 2023, 8:20 a.m.
 Vulnerabilities: information disclosure, code execution, privilege escalation...
Affected productsExternal IDs
vendor: nozomi model: guardian
vendor: siemens model: cp devices
vendor: siemens model: simatic cp
vendor: siemens model: ruggedcom
vendor: siemens model: w1750d
vendor: siemens model: sicam pas
vendor: siemens model: sicam pas/pqs
vendor: siemens model: scalance
vendor: siemens model: scalance w1750d
vendor: siemens model: simatic
vendor: siemens model: sinema server
vendor: siemens model: sicam
vendor: siemens model: sicam a8000
vendor: siemens model: sinec nms
db: NVD ids: CVE-2023-43625, CVE-2023-36380

How Axonius Helps Identify the New Curl Vulnerabilities CVE-2023-38545 and CVE-2023-38546

Trust: 5.0

Fetched: Oct. 13, 2023, 9:20 a.m., Published: Oct. 12, 2023, midnight
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2023-38546, CVE-2023-40477, CVE-2023-38831, CVE-2023-38545

Siemens CPCI85 Firmware of SICAM A8000 Devices | CISA

Related entries in the VARIoT vulnerabilities database: VAR-202310-0161

Trust: 3.5

Fetched: Oct. 13, 2023, 9:19 a.m., Published: Jan. 10, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: sicam
vendor: siemens model: sicam a8000
db: NVD ids: CVE-2023-36380

IZ1H9 Campaign Enhances Its Arsenal with Scores of Exploits | FortiGuard Labs

Related entries in the VARIoT vulnerabilities database: VAR-202102-0290, VAR-201709-0173, VAR-202303-1268, VAR-202202-1281, VAR-202109-0597, VAR-202210-1176, VAR-202002-0403, VAR-202209-2068

Trust: 6.5

Fetched: Oct. 13, 2023, 9:13 a.m., Published: Oct. 9, 2023, 2 p.m.
 Vulnerabilities: command injection, arbitrary command execution, code execution...
Affected productsExternal IDs
vendor: tp-link model: routers
vendor: d-link model: router
vendor: netis model: wf2419
vendor: prolink model: prc2402m
db: NVD ids: CVE-2020-25506, CVE-2015-1187, CVE-2021-36380, CVE-2023-1389, CVE-2023-23295, CVE-2021-27561, CVE-2021-45382, CVE-2021-33544, CVE-2016-20017, CVE-2019-19356, CVE-2022-40475