VARIoT latest news about IoT security

North Korean Threats Target TeamCity CVE-2023-42793 Bug: Microsoft Raises Alarm Trust: 5.25 Fetched: Nov. 5, 2023, 9:31 a.m., Published: May 5, 2023, midnight	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2023-42793

How to Find Security Vulnerabilities in Python Application? Trust: 3.5 Fetched: Nov. 5, 2023, 9:31 a.m., Published: July 24, 2023, 5:37 a.m.	Vulnerabilities: cross-site scripting, command injection, sql injection

Affected products

External IDs

vendor:

node.js

model:

node.js

Android Hacking: The libwebp Vulnerability (zero-day RCE with no user interaction!) \| Esystematics Blog Trust: 4.5 Fetched: Nov. 5, 2023, 9:30 a.m., Published: Oct. 8, 2023, 6:05 p.m.	Vulnerabilities: buffer overflow

Affected products

External IDs

vendor:	google	model:	google chrome
vendor:	google	model:	chrome
vendor:	google	model:	android

db:

NVD

ids:

CVE-2023-41064

Attacks on 5G Infrastructure From User Devices: ASN.1 Vulnerabilities in 5G Cores Trust: 3.5 Fetched: Nov. 5, 2023, 9:30 a.m., Published: Oct. 20, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	trend micro	model:	security
vendor:	trend	model:	security

db:

NVD

ids:

CVE-2022-43677

Attacks on 5G Infrastructure From User Devices: ASN.1 Vulnerabilities in 5G Cores Trust: 3.5 Fetched: Nov. 5, 2023, 9:29 a.m., Published: Oct. 20, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	trend micro	model:	security
vendor:	trend	model:	security

db:

NVD

ids:

CVE-2022-43677

Hardcoded credentials in Siemens - Cp-8031 Firmware - vulnerability database \| Vulners.com Related entries in the VARIoT vulnerabilities database: VAR-202310-0161 Trust: 3.5 Fetched: Nov. 5, 2023, 9:28 a.m., Published: Oct. 10, 2023, 11:15 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	siemens	model:	sicam
vendor:	siemens	model:	sicam a8000

db:

NVD

ids:

CVE-2023-36380

How To Fix CVE-2022-30190 Vulnerability Using Microsoft Intune Related entries in the VARIoT vulnerabilities database: VAR-202205-1958 Trust: 3.0 Fetched: Nov. 5, 2023, 9:27 a.m., Published: June 3, 2022, 3:26 p.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2022-30190

TALOS-2023-1765 \|\| Cisco Talos Intelligence Group - Comprehensive Threat Intelligence Trust: 4.75 Fetched: Nov. 5, 2023, 9:26 a.m., Published: Oct. 11, 2023, midnight	Vulnerabilities: buffer overflow

Affected products

External IDs

vendor:	cisco	model:	router
vendor:	cisco	model:	series

Galaxy S23 series grabs several vulnerability fixes with the October 2023 patch \| Android Central Trust: 3.0 Fetched: Nov. 5, 2023, 9:25 a.m., Published: Oct. 11, 2023, 7:22 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

samsung

model:

galaxy

Addressing IoT Security Concerns Smart Thermostat Edition Trust: 3.25 Fetched: Nov. 5, 2023, 9:25 a.m., Published: Oct. 30, 2023, midnight	Vulnerabilities: default password, default credentials

Affected products	External IDs

Alert: PoC Exploits Released for Citrix and VMware Vulnerabilities Trust: 5.5 Fetched: Nov. 5, 2023, 9:24 a.m., Published: Oct. 25, 2023, 4:47 a.m.	Vulnerabilities: authentication bypass, session hijacking, code execution...

Affected products

External IDs

vendor:	citrix	model:	netscaler
vendor:	citrix	model:	netscaler adc
vendor:	citrix	model:	gateway
vendor:	citrix	model:	netscaler gateway

db:

NVD

ids:

CVE-2023-35187, CVE-2023-35185, CVE-2023-35182, CVE-2023-34051, CVE-2023-4966

About the security content of iOS 16.4 and iPadOS 16.4 - Apple Support Related entries in the VARIoT vulnerabilities database: VAR-202302-1859 Trust: 5.25 Fetched: Nov. 5, 2023, 9:22 a.m., Published: Nov. 16, 2023, midnight	Vulnerabilities: use after free, integer overflow, memory corruption...

Affected products

External IDs

vendor:	trend	model:	security
vendor:	canary	model:	canary
vendor:	trend micro	model:	security
vendor:	apple	model:	iphone
vendor:	apple	model:	ipad
vendor:	apple	model:	icloud
vendor:	apple	model:	safari
vendor:	apple	model:	ipad air
vendor:	apple	model:	webkit

db:

NVD

ids:

CVE-2023-28198, CVE-2022-46724, CVE-2023-42830, CVE-2023-32366, CVE-2023-27961, CVE-2023-23532, CVE-2023-28185, CVE-2023-23523, CVE-2023-23528, CVE-2023-27956, CVE-2023-23526, CVE-2023-28181, CVE-2023-28194, CVE-2023-27931, CVE-2023-23525, CVE-2023-27933, CVE-2023-23541, CVE-2023-27970, CVE-2023-27937, CVE-2023-27969, CVE-2023-32424, CVE-2023-32358, CVE-2023-23535, CVE-2023-27928, CVE-2023-27963, CVE-2023-28201, CVE-2023-27943, CVE-2023-23536, CVE-2023-27932, CVE-2023-27959, CVE-2023-28188, CVE-2023-23527, CVE-2023-27942, CVE-2023-27929, CVE-2023-28195, CVE-2023-23540, CVE-2023-27955, CVE-2023-23543, CVE-2022-46705, CVE-2023-32370, CVE-2022-46725, CVE-2023-28182, CVE-2023-27954, CVE-2023-32435, CVE-2023-23537, CVE-2023-28178, CVE-2023-28187, CVE-2023-23494

Secure Your Internet-Facing Infrastructure \| Arctic Wolf Trust: 3.75 Fetched: Nov. 5, 2023, 9:20 a.m., Published: Nov. 2, 2023, 2:36 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	router
vendor:	cisco	model:	nexus

Manufacturers of Smart Products Must Wage a Cyber Battle on Two Fronts - Technology Insights Blog Trust: 3.75 Fetched: Nov. 5, 2023, 9:19 a.m., Published: Oct. 25, 2023, 1:47 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

trend

model:

security

Windows 10 most critical vulnerabilities in 2022 \| CalCom Trust: 3.75 Fetched: Nov. 5, 2023, 9:19 a.m., Published: Oct. 28, 2023, 6:47 p.m.	Vulnerabilities: information disclosure, code execution, denial of service

Affected products

External IDs

db:

NVD

ids:

CVE-2022-41093, CVE-2022-32230, CVE-2022-41043, CVE-2022-30216, CVE-2022-41033, CVE-2022-37981, CVE-2022-41045, CVE-2022-38028, CVE-2022-41100, CVE-2022-34722, CVE-2022-30209, CVE-2022-37969

What Is Penetration Testing? Strategic Approaches and Types \| EC-Council Trust: 3.25 Fetched: Nov. 5, 2023, 9:18 a.m., Published: Feb. 1, 2022, 12:22 p.m.	Vulnerabilities: firewall bypass

Affected products	External IDs

NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2023-4966 and CVE-2023-4967 Trust: 4.0 Fetched: Nov. 5, 2023, 9:17 a.m., Published: Oct. 10, 2023, 12:07 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	citrix	model:	netscaler
vendor:	citrix	model:	gateway
vendor:	citrix	model:	netscaler adc
vendor:	citrix	model:	netscaler gateway

db:

NVD

ids:

CVE-2023-4967, CVE-2023-4966

MS08.067: The Vulnerability that Shook the World - Sapphire.net Trust: 3.75 Fetched: Nov. 5, 2023, 9:16 a.m., Published: Oct. 18, 2023, 4:48 a.m.	Vulnerabilities: code execution, buffer overflow

Affected products	External IDs

Security Patch for Two New Flaws in Curl Library Arriving on October 11 Trust: 3.0 Fetched: Nov. 5, 2023, 9:16 a.m., Published: Oct. 9, 2023, 10:32 a.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2023-38546, CVE-2023-38545

Advisory CVE202320198 CVE202320273 Cisco IOS XE PrivEsc and file-write vulnerability in Web UI Trust: 3.0 Fetched: Nov. 5, 2023, 9:14 a.m., Published: Oct. 16, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	cisco ios

VARIoT news about IoT security