VARIoT latest news about IoT security

Cisco Raises Alarm Over Critical Vulnerability in IOS XE Software - Kratikal Blogs Related entries in the VARIoT vulnerabilities database: VAR-202103-0773 Trust: 4.25 Fetched: Oct. 24, 2023, 9:19 a.m., Published: Oct. 24, 2023, 4:37 a.m.	Vulnerabilities: arbitrary command execution, command execution

Affected products

External IDs

vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	guard
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	cisco ios

db:

NVD

ids:

CVE-2021-1435, CVE-2023-20198

Cisco Addresses Zero-Day Vulnerabilities in IOS XE Devices - VULNERA Trust: 3.75 Fetched: Oct. 24, 2023, 9:18 a.m., Published: Oct. 23, 2023, 2:08 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	cisco ios

db:

NVD

ids:

CVE-2023-20273, CVE-2023-20198

7.3.3 Quiz - Cloud, Mobile, and IoT Security Answers Trust: 4.25 Fetched: Oct. 24, 2023, 9:15 a.m., Published: Oct. 10, 2023, 8:32 a.m.	Vulnerabilities: injection attack, application crash, resource exhaustion...

Affected products

External IDs

vendor:	clamav	model:	clamav
vendor:	rapid	model:	scada

Hackers Modify Cisco IOS XE Backdoor to Evade Detection - VULNERA Trust: 3.75 Fetched: Oct. 24, 2023, 9:15 a.m., Published: Oct. 22, 2023, 5:37 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	cisco ios

db:

NVD

ids:

CVE-2023-20273, CVE-2023-20198

Warning: Unpatched Cisco Zero-Day Vulnerability Actively Targeted in the Wild Related entries in the VARIoT vulnerabilities database: VAR-202103-0773 Trust: 3.5 Fetched: Oct. 24, 2023, 9:14 a.m., Published: Oct. 17, 2023, 4:12 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	series
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	cisco ios

db:

NVD

ids:

CVE-2021-1435, CVE-2023-20198

CVE-2023-20273: Cisco IOS XE Zero-Day Vulnerability Related entries in the VARIoT vulnerabilities database: VAR-202103-0773 Trust: 4.75 Fetched: Oct. 24, 2023, 9:11 a.m., Published: May 24, 2023, midnight	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	catalyst
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	cisco ios

db:

NVD

ids:

CVE-2021-1435, CVE-2023-20273, CVE-2023-20198

Sophos release notes Related entries in the VARIoT vulnerabilities database: VAR-202109-1803, VAR-202109-1805, VAR-202106-1875, VAR-202109-1802, VAR-200408-0145 Trust: 3.0 Fetched: Oct. 24, 2023, 9:11 a.m., Published: Oct. 9, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2020-13950, CVE-2021-3712, CVE-2021-39275, CVE-2021-36807, CVE-2021-34798, CVE-2021-26690, CVE-2021-26691, CVE-2020-1968, CVE-2021-23358, CVE-2021-40438, CVE-2004-0230

Philippines ranks second in global list of compromised Cisco devices Related entries in the VARIoT vulnerabilities database: VAR-202103-0773 Trust: 3.75 Fetched: Oct. 24, 2023, 9:08 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	router
vendor:	cisco	model:	wireless lan controller
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	cisco ios

db:

NVD

ids:

CVE-2021-1435, CVE-2023-20198

Assess Network for Cisco IOS XE Web UI Privilege Escalation Vulnerability \| NetBrain Technologies Inc. Portal \| NetBrain Technologies Inc. Trust: 4.5 Fetched: Oct. 24, 2023, 9:08 a.m., Published: Oct. 16, 2023, midnight	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:	cisco	model:	router
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	cisco ios

db:

NVD

ids:

CVE-2023-20198

What the Cisco IOS XE zero-day reveals about potential risk management blind spots \| SC Media Trust: 3.5 Fetched: Oct. 24, 2023, 9:05 a.m., Published: Oct. 23, 2023, 5 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	routers
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	cisco ios

db:

NVD

ids:

CVE-2023-20198

Zero-day in thousands of Cisco IOS XE devices exploited Trust: 3.75 Fetched: Oct. 22, 2023, 9:17 a.m., Published: Oct. 18, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	routers
vendor:	cisco	model:	router
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	cisco ios

db:

NVD

ids:

CVE-2023-20198

Top 6 web browser attacks and how to avoid them Trust: 4.25 Fetched: Oct. 22, 2023, 9:16 a.m., Published: March 24, 2022, 8:51 a.m.	Vulnerabilities: cross-site scripting, sql injection, session hijacking...

Affected products

External IDs

vendor:	google	model:	google chrome
vendor:	google	model:	chrome

How to do vulnerability analysis on internal devices? Trust: 3.75 Fetched: Oct. 22, 2023, 9:16 a.m., Published: Oct. 22, 0867, midnight	Vulnerabilities: information leakage

Affected products

External IDs

vendor:

essential

model:

phone

Indian Govt issues warning against iPhones and iPads running older OS, advises urgent update - India Today Trust: 4.0 Fetched: Oct. 22, 2023, 9:13 a.m., Published: Oct. 20, 2023, 5:22 a.m.	Vulnerabilities: buffer overflow

Affected products

External IDs

vendor:	apple	model:	ipad air
vendor:	apple	model:	ipad
vendor:	apple	model:	iphone

Thousands of Cisco IOS XE Devices Compromised Due to Zero-Day Vulnerability Trust: 3.75 Fetched: Oct. 22, 2023, 9:12 a.m., Published: Oct. 20, 2023, 1:27 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	ios xe
vendor:	cisco	model:	intrusion prevention system
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	cisco ios
vendor:	snort	model:	snort

db:

NVD

ids:

CVE-2023-20198

Implantation of the Offensive Lua Backdoor on Many Devices via Cisco Zero-Day Exploitation Trust: 4.75 Fetched: Oct. 22, 2023, 9:12 a.m., Published: Oct. 3, 2023, midnight	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:	cisco	model:	ios xe
vendor:	cisco	model:	routers
vendor:	cisco	model:	ios xe software

db:

NVD

ids:

CVE-2023-20198, CVE-2023-20273

Just how bad is the Cisco IOS XE zero-day vulnerability [CVE-2023-20198]? \| Intruder Related entries in the VARIoT vulnerabilities database: VAR-202103-0773 Trust: 3.5 Fetched: Oct. 22, 2023, 9:11 a.m., Published: May 22, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	trend	model:	security
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	routers
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	cisco ios

db:

NVD

ids:

CVE-2023-20198, CVE-2021-1435

Cisco patches zero-day vulnerability under attack \| TechTarget Trust: 3.75 Fetched: Oct. 22, 2023, 9:10 a.m., Published: Sept. 28, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	ios xe
vendor:	cisco	model:	ios software
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	firepower
vendor:	cisco	model:	nx-os
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	nx-os software
vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	ios xr software
vendor:	cisco	model:	ios xr
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	firepower threat defense software

db:

NVD

ids:

CVE-2023-20109

Cisco Zero-Day Exploited to Implant Malicious Lua Backdoor on Thousands of Devices Related entries in the VARIoT vulnerabilities database: VAR-202103-0773 Trust: 4.75 Fetched: Oct. 22, 2023, 9:08 a.m., Published: Oct. 21, 2023, 3:46 a.m.	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:	cisco	model:	ios xe
vendor:	cisco	model:	routers
vendor:	cisco	model:	ios xe software

db:

NVD

ids:

CVE-2023-20198, CVE-2023-20273, CVE-2021-1435

CVE-2023-20198 - Cisco IOS-XE ZeroDay - Censys Related entries in the VARIoT vulnerabilities database: VAR-202103-0773 Trust: 5.5 Fetched: Oct. 22, 2023, 9:07 a.m., Published: Oct. 18, 2023, 12:24 a.m.	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:	cisco	model:	ios xe
vendor:	cisco	model:	routers
vendor:	cisco	model:	router
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	cisco ios

db:

NVD

ids:

CVE-2023-20198, CVE-2021-1435

VARIoT news about IoT security