VARIoT latest news about IoT security

Most Weaponized Vulnerabilities of 2022 and 5 Key Risks: Report - Security news - NewsLocker Trust: 4.75 Fetched: April 2, 2023, 9:19 a.m., Published: April 2, 2022, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	essential	model:	phone
vendor:	apple	model:	iphone
vendor:	apple	model:	apple ipad
vendor:	apple	model:	ipad
vendor:	apple	model:	watch
vendor:	oneplus	model:	one
vendor:	motorola	model:	motorola
vendor:	google	model:	pixel
vendor:	google	model:	home

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog - SecOperations Related entries in the VARIoT vulnerabilities database: VAR-202108-2051 Trust: 4.5 Fetched: April 2, 2023, 9:18 a.m., Published: April 1, 2023, 9:36 p.m.	Vulnerabilities: cross-site scripting, code execution, memory corruption

Affected products

External IDs

vendor:	google	model:	google chrome
vendor:	google	model:	chrome
vendor:	google	model:	android
vendor:	apple	model:	macos

db:

NVD

ids:

CVE-2021-30900, CVE-2013-3163, CVE-2023-0266, CVE-2022-42948, CVE-2022-22706, CVE-2017-7494, CVE-2022-39197, CVE-2022-38181, CVE-2022-3038

20 Security Vulnerabilities and Prevention Tips - Sapphire Trust: 4.75 Fetched: April 2, 2023, 9:15 a.m., Published: March 28, 2023, 2:09 p.m.	Vulnerabilities: cross-site scripting

Affected products

External IDs

vendor:

delegate

model:

delegate

Update your Windows now to avoid the Acropalypse vulnerability \| Fox News Trust: 3.5 Fetched: April 2, 2023, 9:14 a.m., Published: May 2, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	pixel
vendor:	google	model:	android

db:

NVD

ids:

CVE-2023-28303

Weakness at the Network Edge: Mandiant Examines 2022's Zero-Day Exploits \| eSecurityPlanet Related entries in the VARIoT vulnerabilities database: VAR-202212-1132, VAR-202205-1958, VAR-202205-1370, VAR-202207-0874 Trust: 4.5 Fetched: April 2, 2023, 9:12 a.m., Published: March 25, 2023, 5:56 p.m.	Vulnerabilities: directory traversal

Affected products

External IDs

vendor:	fortigate	model:	fortios
vendor:	google	model:	google chrome
vendor:	google	model:	chrome
vendor:	trend	model:	security

db:

NVD

ids:

CVE-2022-42475, CVE-2022-30190, CVE-2022-2294, CVE-2022-22047, CVE-2022-41328, CVE-2022-26485

Google - these serious security threats are targeting both Android and iOS devices \| TechRadar Related entries in the VARIoT vulnerabilities database: VAR-202108-2051, VAR-202212-1751 Trust: 3.75 Fetched: April 2, 2023, 9:11 a.m., Published: March 30, 2023, 1:10 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	pixel
vendor:	google	model:	android
vendor:	google	model:	chrome
vendor:	samsung	model:	mobile
vendor:	xiaomi	model:	browser

db:

NVD

ids:

CVE-2021-30900, CVE-2023-0266, CVE-2022-4262, CVE-2022-22706, CVE-2022-4135, CVE-2022-38181, CVE-2022-3723, CVE-2022-42856, CVE-2022-3038

Cisco IOS XE Software IOx Application Hosting Environment Privilege Escalation Vulnerability Trust: 4.0 Fetched: April 2, 2023, 9:10 a.m., Published: March 22, 2023, 3:49 p.m.	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	iox application
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	ios xe software

Cisco IOS and IOS XE Software IPv6 DHCP (DHCPv6) Relay and Server Denial of Service Vulnerability Trust: 4.0 Fetched: April 2, 2023, 9:10 a.m., Published: March 22, 2023, 3:49 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	fxos
vendor:	cisco	model:	firepower management center
vendor:	cisco	model:	nx-os
vendor:	cisco	model:	ios xr
vendor:	cisco	model:	intrusion prevention system
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	router
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	nx-os software
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	ios xr software
vendor:	cisco	model:	firepower

Spyware Vendors Caught Exploiting Zero-Day Vulnerabilities on Android and iOS Devices - 443News Related entries in the VARIoT vulnerabilities database: VAR-202212-1751, VAR-202108-2051 Trust: 4.75 Fetched: March 31, 2023, 9:11 a.m., Published: March 9, 2023, midnight	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	chrome
vendor:	samsung	model:	note

db:

NVD

ids:

CVE-2022-3038, CVE-2022-4135, CVE-2022-42856, CVE-2022-3723, CVE-2023-26083, CVE-2022-22706, CVE-2022-38181, CVE-2023-0266, CVE-2022-4262, CVE-2021-30900

PSA: Make Sure to Update Older Devices to iOS 15.7.4 to Fix Actively Exploited Vulnerability - Software Curated Trust: 3.0 Fetched: March 31, 2023, 9:11 a.m., Published: March 27, 2023, 9:19 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	iphone
vendor:	apple	model:	webkit
vendor:	apple	model:	ipad

Update your Windows now to avoid Acropalypse vulnerability - BollywoodGags - Bollywood Gags Trust: 3.5 Fetched: March 31, 2023, 9:11 a.m., Published: March 30, 2023, 8:55 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	pixel

db:

NVD

ids:

CVE-2023-28303

Google - these serious security threats are targeting both Android and iOS devices - All About The Tech world! Related entries in the VARIoT vulnerabilities database: VAR-202212-1751, VAR-202108-2051 Trust: 3.75 Fetched: March 31, 2023, 9:10 a.m., Published: March 30, 2023, 8:06 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	pixel
vendor:	google	model:	chrome
vendor:	google	model:	android
vendor:	xiaomi	model:	browser
vendor:	samsung	model:	mobile

db:

NVD

ids:

CVE-2022-3038, CVE-2022-4135, CVE-2022-42856, CVE-2022-3723, CVE-2022-22706, CVE-2022-38181, CVE-2023-0266, CVE-2022-4262, CVE-2021-30900

Update your Windows now to avoid the Acropalypse vulnerability \| Daily Traders Edge Trust: 3.5 Fetched: March 31, 2023, 9:10 a.m., Published: March 30, 2023, 9:46 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	pixel

db:

NVD

ids:

CVE-2023-28303

Update your Windows now to avoid the Acropalypse vulnerability - Cafe Blouberg News Trust: 3.5 Fetched: March 31, 2023, 9:09 a.m., Published: March 30, 2023, 9:08 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	pixel

db:

NVD

ids:

CVE-2023-28303

Update your Windows now to avoid the Acropalypse vulnerability - Bloody Scholars Trust: 3.5 Fetched: March 31, 2023, 9:08 a.m., Published: March 30, 2023, 8:50 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	pixel

db:

NVD

ids:

CVE-2023-28303

Spyware Vendors Caught Exploiting Zero-Day Vulnerabilities on Android and iOS Devices \| Vumetric Cyber Portal Related entries in the VARIoT vulnerabilities database: VAR-202212-1751, VAR-202108-2051 Trust: 5.0 Fetched: March 31, 2023, 9:08 a.m., Published: March 31, 2023, midnight	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:

google

model:

android

db:

NVD

ids:

CVE-2022-4135, CVE-2022-42856, CVE-2022-3723, CVE-2022-38181, CVE-2021-30900

Apple's March 2023 Updates Addresses Multiple Security Vulnerabilities! - SecPod Blog Related entries in the VARIoT vulnerabilities database: VAR-202205-1326, VAR-202302-1169, VAR-202302-1097 Trust: 5.5 Fetched: March 31, 2023, 9:06 a.m., Published: March 29, 2023, 7:36 a.m.	Vulnerabilities: code execution, denial of service, security bypass...

Affected products

External IDs

vendor:	apple	model:	tvos
vendor:	apple	model:	webkit
vendor:	apple	model:	safari
vendor:	apple	model:	watch
vendor:	apple	model:	icloud
vendor:	apple	model:	apple tv
vendor:	apple	model:	watchos
vendor:	apple	model:	iphone
vendor:	apple	model:	macos
vendor:	apple	model:	ipad
vendor:	apple	model:	ipod touch
vendor:	apple	model:	ipad air

db:

NVD

ids:

CVE-2023-0051, CVE-2023-23537, CVE-2023-23542, CVE-2023-27934, CVE-2023-27969, CVE-2023-27935, CVE-2023-27936, CVE-2023-27958, CVE-2023-27963, CVE-2023-28192, CVE-2023-23523, CVE-2023-27953, CVE-2023-0512, CVE-2023-23533, CVE-2023-27970, CVE-2023-27955, CVE-2023-27959, CVE-2023-27951, CVE-2023-23525, CVE-2022-43552, CVE-2023-23538, CVE-2023-27949, CVE-2023-23532, CVE-2023-27961, CVE-2023-23528, CVE-2023-28194, CVE-2023-27932, CVE-2023-0054, CVE-2023-27968, CVE-2023-0049, CVE-2023-0288, CVE-2023-27944, CVE-2023-28180, CVE-2023-27929, CVE-2023-27956, CVE-2023-23527, CVE-2023-23543, CVE-2023-23526, CVE-2023-27941, CVE-2023-23494, CVE-2023-28182, CVE-2023-28190, CVE-2022-26702, CVE-2023-27931, CVE-2023-27946, CVE-2023-27933, CVE-2023-27943, CVE-2023-27962, CVE-2023-23540, CVE-2023-28200, CVE-2022-43551, CVE-2023-0433, CVE-2023-27954, CVE-2023-23514, CVE-2023-28181, CVE-2023-27928, CVE-2023-27937, CVE-2023-27965, CVE-2023-23535, CVE-2023-28178, CVE-2023-23534, CVE-2023-27952, CVE-2023-23529, CVE-2023-23541, CVE-2023-27942, CVE-2023-27957

Spyware Vendors Caught Exploiting Zero-Day Vulnerabilities on Android and iOS Devices Related entries in the VARIoT vulnerabilities database: VAR-202212-1751, VAR-202108-2051 Trust: 4.75 Fetched: March 31, 2023, 9:04 a.m., Published: March 29, 2023, 1:52 p.m.	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	chrome
vendor:	samsung	model:	note
vendor:	samsung	model:	mobile

db:

NVD

ids:

CVE-2022-3038, CVE-2022-4135, CVE-2022-42856, CVE-2022-3723, CVE-2023-26083, CVE-2022-22706, CVE-2022-38181, CVE-2023-0266, CVE-2022-4262, CVE-2021-30900

Apple releases security update to fix more than 30 vulnerabilities on iPhones and iPads Trust: 3.0 Fetched: March 31, 2023, 9:03 a.m., Published: March 29, 2023, 9:13 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	webkit
vendor:	apple	model:	safari
vendor:	apple	model:	iphone
vendor:	apple	model:	ipad
vendor:	apple	model:	ipod touch
vendor:	apple	model:	ipad air

Spyware vendors use 0-days and n-days against popular platforms Trust: 4.75 Fetched: March 31, 2023, 9:03 a.m., Published: March 29, 2023, midnight	Vulnerabilities: information leak

Affected products

External IDs

vendor:	google	model:	chrome
vendor:	google	model:	android
vendor:	samsung	model:	samsung firmware
vendor:	samsung	model:	note

db:

NVD

ids:

CVE-2022-3038, CVE-2022-1134, CVE-2023-26083, CVE-2022-22706, CVE-2023-0266, CVE-2022-4262

VARIoT news about IoT security