VARIoT latest news about IoT security

Zero-Day Alert: Thousands of Cisco IOS XE Systems Now Compromised Related entries in the VARIoT vulnerabilities database: VAR-202103-0773 Trust: 5.5 Fetched: Oct. 20, 2023, 9:15 a.m., Published: Oct. 17, 2023, 7:16 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	cisco systems	model:	cisco ios xe
vendor:	cisco systems	model:	ios xe
vendor:	cisco systems	model:	cisco ios
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	cisco ios

db:

NVD

ids:

CVE-2023-20198, CVE-2021-1435

Critical Flaw Leads Hackers to Hijack Thousands of Cisco Devices \| PCMag Trust: 3.75 Fetched: Oct. 20, 2023, 9:14 a.m., Published: Oct. 20, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	router
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	wireless controller
vendor:	cisco	model:	cisco ios

db:

NVD

ids:

CVE-2023-20198

Thousands of devices exposed to critical Cisco IOS XE software bug \| SC Media Trust: 3.75 Fetched: Oct. 20, 2023, 9:14 a.m., Published: Oct. 18, 2023, 6:51 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	routers
vendor:	cisco	model:	access points
vendor:	cisco	model:	cisco ios

db:

NVD

ids:

CVE-2023-20198

More Than 34,000 Cisco Devices Compromised Via IOS XE Vulnerability: Researchers \| CRN Trust: 4.5 Fetched: Oct. 20, 2023, 9:14 a.m., Published: Oct. 18, 2023, 1:44 p.m.	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:	cisco	model:	router
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	wireless lan controller
vendor:	cisco	model:	cisco ios

db:

NVD

ids:

CVE-2023-20198

How to keep your IoT devices secure \| TechRadar Trust: 3.5 Fetched: Oct. 20, 2023, 9:12 a.m., Published: Oct. 16, 2023, 2:14 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	network access control
vendor:	google	model:	home
vendor:	aruba	model:	clearpass

Philippines ranks second in global list of compromised Cisco devices Related entries in the VARIoT vulnerabilities database: VAR-202103-0773 Trust: 3.75 Fetched: Oct. 20, 2023, 9:12 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	router
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	wireless lan controller
vendor:	cisco	model:	cisco ios

db:

NVD

ids:

CVE-2023-20198, CVE-2021-1435

Cisco Warns of Critical Vulnerability in IOS XE Software - Infosecurity Magazine Trust: 3.75 Fetched: Oct. 20, 2023, 9:11 a.m., Published: Oct. 17, 2023, noon	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	cisco ios

db:

NVD

ids:

CVE-2023-20198

Cisco IOS XE Hack: Researchers Find Another ‘Sharp Increase’ In Affected Devices \| CRN Trust: 4.5 Fetched: Oct. 20, 2023, 9:11 a.m., Published: Oct. 19, 2023, 9:44 a.m.	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:	cisco	model:	router
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	wireless lan controller
vendor:	cisco	model:	cisco ios

db:

NVD

ids:

CVE-2023-20198

Active Exploitation of Cisco IOS XE Zero-Day Vulnerability \| Rapid7 Blog Related entries in the VARIoT vulnerabilities database: VAR-202103-0773 Trust: 3.5 Fetched: Oct. 20, 2023, 9:10 a.m., Published: Oct. 17, 2023, 7:50 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	routers
vendor:	cisco	model:	catalyst
vendor:	cisco	model:	access points
vendor:	cisco	model:	cisco ios

db:

NVD

ids:

CVE-2023-20198, CVE-2021-1435, CVE-2023-21098

Cisco Releases Security Advisory for Actively Exploited Vulnerability CVE-2023-20198 - NHS Digital Trust: 3.75 Fetched: Oct. 20, 2023, 9:10 a.m., Published: Oct. 20, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

cisco

model:

series

db:

NVD

ids:

CVE-2023-20198

Siemens SICAM A8000 Devices \| CISA Related entries in the VARIoT vulnerabilities database: VAR-202310-0203 Trust: 5.5 Fetched: Oct. 18, 2023, 9:31 a.m., Published: Jan. 10, 2023, midnight	Vulnerabilities: path traversal

Affected products

External IDs

vendor:	siemens	model:	sicam
vendor:	siemens	model:	sicam a8000

db:

NVD

ids:

CVE-2023-42796

Understanding IoT Devices, and the Security Threats They Pose - TrollEye Security Trust: 4.25 Fetched: Oct. 18, 2023, 9:29 a.m., Published: Oct. 2, 2023, 12:22 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	google	model:	home
vendor:	palo	model:	networks
vendor:	palo alto networks	model:	networks

Overview of IoT threats in 2023 - SharITSec Trust: 5.25 Fetched: Oct. 18, 2023, 9:24 a.m., Published: Oct. 18, 2023, midnight	Vulnerabilities: configuration issue

Affected products

External IDs

vendor:	bosch	model:	smart camera
vendor:	trend	model:	security
vendor:	trend micro	model:	security

db:

NVD

ids:

CVE-2022-27593

Cisco issues alert over critical IOS XE Software flaw \| ITPro Trust: 3.75 Fetched: Oct. 18, 2023, 9:23 a.m., Published: Oct. 17, 2023, 12:30 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	ios xe
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	router
vendor:	cisco	model:	cisco ios

db:

NVD

ids:

CVE-2023-20198

Juniper Junos OS: 2023-10 Security Bulletin: Junos OS: An unauthenticated attacker with local access to the device can create a backdoor with root privileges (JSA73158) (multiple CVEs) Trust: 3.25 Fetched: Oct. 18, 2023, 9:23 a.m., Published: Oct. 18, 2023, midnight	Vulnerabilities: denial of service

Affected products	External IDs

ChirpStack for Healthcare IoT Security: Safeguarding Sensitive Data - Techlogitic Trust: 4.75 Fetched: Oct. 18, 2023, 9:22 a.m., Published: Oct. 10, 2023, 10:39 a.m.	Vulnerabilities: weak password

Affected products

External IDs

vendor:

chirpstack

model:

network server

Signal denies rumors of zero-day bug used to take over devices - The Hindu Trust: 4.25 Fetched: Oct. 18, 2023, 9:21 a.m., Published: Oct. 17, 2023, 9:11 a.m.	Vulnerabilities: code execution

Affected products	External IDs

Understanding IoT Devices, And The Security Threats They Pose Trust: 4.25 Fetched: Oct. 18, 2023, 9:20 a.m., Published: Oct. 3, 2023, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	google	model:	home
vendor:	palo	model:	networks
vendor:	palo alto networks	model:	networks

Govt issues high-risk warning for Google Chrome users, here is how you can protect your device - India Today Trust: 3.5 Fetched: Oct. 18, 2023, 9:19 a.m., Published: Oct. 13, 2023, 3:30 a.m.	Vulnerabilities: buffer overflow, use after free

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	google chrome
vendor:	google	model:	chrome

Phosphorus Releases Mitigation Solutions for Critical Cisco Trust: 4.25 Fetched: Oct. 18, 2023, 9:19 a.m., Published: Oct. 17, 2023, midnight	Vulnerabilities: privilege escalation, default credentials

Affected products

External IDs

vendor:	cisco	model:	access points
vendor:	cisco	model:	routers
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	cisco ios

db:

NVD

ids:

CVE-2023-20198

VARIoT news about IoT security