Sign-up

VARIoT news about IoT security

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Access VPN Denial of Service Vulnerability

Trust: 5.0

Fetched: Jan. 3, 2024, 9:08 a.m., Published: Nov. 2, 2023, 1:47 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: firepower management center
vendor: cisco model: firepower threat defense software
vendor: cisco model: cisco firepower management center
vendor: cisco model: cisco adaptive security appliance
vendor: cisco model: firepower
vendor: cisco model: firepower threat defense
vendor: cisco model: adaptive security appliance software
vendor: cisco model: cisco adaptive security appliance software
vendor: cisco model: asa software
vendor: cisco model: adaptive security appliance

Chromium vulnerability affecting Chrome and Edge | Lookout Threat Intelligence

Trust: 4.5

Fetched: Jan. 3, 2024, 9:08 a.m., Published: Jan. 2, 2024, midnight
 Vulnerabilities: memory corruption, heap corruption
Affected productsExternal IDs
vendor: google model: google chrome
vendor: google model: chrome

Cyber watchdog CERT-In issues hack alert on Apple, Samsung products - Times of India

Trust: 4.75

Fetched: Jan. 2, 2024, 9:19 a.m., Published: Dec. 15, 2023, 8:19 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: apple model: watch
vendor: apple model: apple tv
vendor: samsung model: note

Apple IPhone: iPhone Users Alert! Cybersecurity Experts Warns About Apple iPhone Vulnerability | Technology & Science News, Times Now

Trust: 4.0

Fetched: Jan. 2, 2024, 9:16 a.m., Published: Dec. 29, 2023, 11:31 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: iphone
db: NVD ids: CVE-2023-38606

Google fixes 100 Android security issues in December 2023 - Report | Technology News - India TV

Trust: 5.75

Fetched: Jan. 2, 2024, 9:16 a.m., Published: Jan. 1, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: android
vendor: apple model: webkit
vendor: apple model: iphone
db: NVD ids: CVE-2023-40094, CVE-2023-42890, CVE-2023-36019, CVE-2023-40088, CVE-2023-40078

Apache Struts Vulnerability Affecting Cisco Products: December 2023

Trust: 3.0

Fetched: Jan. 2, 2024, 9:11 a.m., Published: Dec. 21, 2023, 10:23 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: unified contact center enterprise
vendor: cisco model: unified customer voice portal
vendor: cisco model: unified intelligent contact management enterprise
vendor: cisco model: customer voice portal
vendor: cisco model: data center network manager
vendor: cisco model: prime collaboration
vendor: cisco model: unity connection
vendor: cisco model: unified intelligence center
vendor: cisco model: prime infrastructure
vendor: cisco model: nexus
vendor: cisco model: access registrar
vendor: cisco model: hosted collaboration mediation fulfillment
vendor: cisco model: prime collaboration provisioning
vendor: cisco model: packaged contact center enterprise
vendor: cisco model: intelligent contact management
vendor: cisco model: prime collaboration assurance
vendor: cisco model: emergency responder
vendor: cisco model: unified ccx
vendor: cisco model: unified sip proxy software
vendor: cisco model: socialminer
vendor: cisco model: unified communications manager
vendor: cisco model: unified contact center express
vendor: cisco model: prime service catalog
vendor: cisco model: computer telephony integration object server
vendor: cisco model: unified communications manager session management edition
vendor: cisco model: finesse
vendor: cisco model: virtualized voice browser
vendor: cisco model: unified communications
vendor: cisco model: unified intelligent contact management
vendor: cisco model: unified communications manager im & presence service
vendor: cisco model: unity
vendor: cisco model: prime access registrar
vendor: cisco model: prime license manager

Multiple Vulnerabilities in Cisco IOS XE Software Web UI Feature

Trust: 4.75

Fetched: Jan. 2, 2024, 9:11 a.m., Published: Nov. 1, 2023, 3:44 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: cisco model: cisco ios xe
vendor: cisco model: ios xe
vendor: cisco model: cisco ios
vendor: cisco model: ios xe software
db: NVD ids: CVE-2023-20198

Securing Home Networks and Devices

Trust: 3.0

Fetched: Dec. 31, 2023, 9:46 a.m., Published: Dec. 3, 2023, midnight
 Vulnerabilities: default credentials
Affected productsExternal IDs

Understanding BLE and ZigBee Protocols | Redfox Security

Trust: 3.75

Fetched: Dec. 31, 2023, 9:44 a.m., Published: Dec. 28, 2023, 6:29 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: mesh model: mesh

Operation Triangulation: Leveraged by Exploiting an Undocumented Hardware Feature in iOS Devices | Black Hat Ethical Hacking

Trust: 3.25

Fetched: Dec. 31, 2023, 9:43 a.m., Published: Dec. 29, 2023, 11:04 a.m.
 Vulnerabilities: integer overflow
Affected productsExternal IDs

FIX Google Chrome Zero Day Vulnerability HTMD Blog

Trust: 6.0

Fetched: Dec. 31, 2023, 9:43 a.m., Published: July 23, 2019, 8:42 a.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: google model: google chrome
vendor: google model: chrome
db: NVD ids: CVE-2023-7024

DDoS Unveiled: The Silent Menace in Cyber Warfare | Science Times

Trust: 4.75

Fetched: Dec. 31, 2023, 9:42 a.m., Published: Dec. 18, 2023, 1:24 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: trend model: security

This Month in Cybersecurity - December 2023 - In the news - Passbolt community forum

Trust: 3.75

Fetched: Dec. 31, 2023, 9:40 a.m., Published: Dec. 29, 2023, 3:30 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: mesh model: mesh
vendor: google model: android
vendor: palo alto networks model: networks
vendor: palo model: networks

Apple iOS Vulnerability Exposed by Kaspersky Points to iPhone Weakness - WinBuzzer

Trust: 4.0

Fetched: Dec. 31, 2023, 9:39 a.m., Published: Dec. 29, 2023, 10:59 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: iphone
db: NVD ids: CVE-2023-38606

About the security content of iOS 15.7.8 and iPadOS 15.7.8 - Apple Support

Trust: 4.25

Fetched: Dec. 31, 2023, 9:38 a.m., Published: July 15, 2008, midnight
 Vulnerabilities: buffer overflow, code execution, integer overflow
Affected productsExternal IDs
vendor: apple model: ipad
vendor: apple model: webkit
vendor: apple model: ipod touch
vendor: apple model: ipad air
vendor: apple model: iphone
db: NVD ids: CVE-2023-34425, CVE-2023-38598, CVE-2023-38599, CVE-2023-35993, CVE-2023-37450, CVE-2023-41990, CVE-2023-38603, CVE-2023-40442, CVE-2023-32416, CVE-2023-23540, CVE-2023-38593, CVE-2023-38604, CVE-2023-38565, CVE-2023-32441, CVE-2023-38590, CVE-2023-37285, CVE-2023-40392, CVE-2023-32409, CVE-2023-38133, CVE-2023-36495, CVE-2023-38606, CVE-2023-38594, CVE-2023-38597, CVE-2023-42831, CVE-2023-38605, CVE-2023-38572, CVE-2023-32445, CVE-2023-32433

Kyocera Issues Vulnerability Solution Update - Industry Analysts, Inc.

Trust: 4.75

Fetched: Dec. 31, 2023, 9:36 a.m., Published: Dec. 29, 2023, 3:29 p.m.
 Vulnerabilities: information leakage, path traversal, traversal attack
Affected productsExternal IDs
db: NVD ids: CVE-2023-50196, CVE-2023-50916

About the security content of iOS 16.7 and iPadOS 16.7 - Apple Support

Trust: 5.25

Fetched: Dec. 31, 2023, 9:35 a.m., Published: Dec. 16, 2023, midnight
 Vulnerabilities: authorization issue, certificate validation issue, code execution
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: ipad
vendor: apple model: safari
vendor: apple model: ipad air
vendor: apple model: iphone
db: NVD ids: CVE-2023-41991, CVE-2023-41984, CVE-2023-40420, CVE-2023-41063, CVE-2023-35990, CVE-2023-41981, CVE-2023-40401, CVE-2023-40403, CVE-2023-41993, CVE-2023-41992, CVE-2023-40454, CVE-2023-41232, CVE-2023-41070, CVE-2023-40395, CVE-2023-40438, CVE-2023-40448, CVE-2023-41073, CVE-2023-38612, CVE-2023-41068

Update: Barracuda Gateways hit by another vulnerability - Techzine Europe

Trust: 3.5

Fetched: Dec. 31, 2023, 9:34 a.m., Published: Dec. 28, 2023, 4:25 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: barracuda networks model: barracuda
vendor: barracuda model: barracuda
db: NVD ids: CVE-2023-7102, CVE-2023-7101

CVE-2023-35629 - Security Update Guide - Microsoft - Microsoft USBHUB 3.0 Device Driver Remote Code Execution Vulnerability

Trust: 3.25

Fetched: Dec. 31, 2023, 9:34 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2023-35629

2023 Threat Landscape Year in Review: If Everything Is Critical, Nothing Is | Qualys Security Blog

Related entries in the VARIoT vulnerabilities database: VAR-202303-2580

Trust: 5.25

Fetched: Dec. 31, 2023, 9:32 a.m., Published: Dec. 19, 2023, 3 p.m.
 Vulnerabilities: code execution, security feature bypass, command injection...
Affected productsExternal IDs
vendor: google model: google chrome
vendor: google model: chrome
vendor: trend model: security
db: NVD ids: CVE-2023-27350, CVE-2023-22952, CVE-2023-24880, CVE-2023-20887, CVE-2023-23397, CVE-2023-29059, CVE-2023-0699, CVE-2023-2868, CVE-2023-34362, CVE-2023-28252, CVE-2023-0669, CVE-2023-290593, CVE-2023-35036