VARIoT latest news about IoT security

Cisco Access Point Software Association Request Denial of Service Vulnerability Trust: 3.75 Fetched: March 24, 2023, 9:10 a.m., Published: March 22, 2023, 3:49 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	mesh	model:	mesh
vendor:	cisco	model:	wireless lan controller
vendor:	cisco	model:	series wireless controller
vendor:	cisco	model:	series
vendor:	cisco	model:	wireless controller
vendor:	cisco	model:	cisco wireless lan controller
vendor:	cisco	model:	mobility express
vendor:	cisco	model:	catalyst 9800
vendor:	cisco	model:	catalyst

Honeywell OneWireless Wireless Device Manager \| CISA Trust: 4.5 Fetched: March 24, 2023, 9:10 a.m., Published: March 9, 2023, midnight	Vulnerabilities: privilege escalation, command injection, code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2022-43485, CVE-2022-46361, CVE-2022-4240

Cisco IOS XE Software Virtual Fragmentation Reassembly Denial of Service Vulnerability Trust: 4.0 Fetched: March 24, 2023, 9:09 a.m., Published: March 23, 2023, 9:42 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	cisco ios xe

Critical infrastructure at risk from new vulnerabilities found in wireless IIoT devices \| RegSource Trust: 4.75 Fetched: March 22, 2023, 9:23 a.m., Published: March 20, 2023, 5:03 a.m.	Vulnerabilities: code execution, information disclosure, command injection

Affected products

External IDs

db:

NVD

ids:

CVE-2022-40981, CVE-2022-46649, CVE-2022-46650, CVE-2022-41607, CVE-2022-3703

Google finds major security flaw in smartphones with Samsung Exynos modems: list of devices affected Trust: 3.75 Fetched: March 22, 2023, 9:20 a.m., Published: March 19, 2023, 10:21 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	google	model:	pixel
vendor:	samsung	model:	notes
vendor:	samsung	model:	galaxy
vendor:	samsung	model:	mobile
vendor:	samsung	model:	note
vendor:	samsung	model:	exynos
vendor:	samsung	model:	samsung galaxy
vendor:	vivo	model:	modem
vendor:	vivo	model:	modems

Unpatched Akuvox Smart Intercom Vulnerabilities Can Be Exploited for Spying - SecurityWeek Trust: 3.75 Fetched: March 22, 2023, 9:20 a.m., Published: March 10, 2023, 4:16 p.m.	Vulnerabilities: command injection, improper access control, default password...

Affected products	External IDs

Samsung Exynos modems were found to have a vulnerability, here's what company replied - SamNews 24 Trust: 4.75 Fetched: March 22, 2023, 9:19 a.m., Published: March 17, 2023, 9:03 a.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	google	model:	pixel
vendor:	samsung	model:	mobile
vendor:	samsung	model:	exynos
vendor:	vivo	model:	modems

db:

NVD

ids:

CVE-2023-24033

Rockwell Automation ThinManager \| CISA Trust: 4.5 Fetched: March 22, 2023, 9:17 a.m., Published: March 9, 2023, midnight	Vulnerabilities: code execution, access violation, buffer overflow...

Affected products

External IDs

db:

NVD

ids:

CVE-2023-28755, CVE-2023-28756, CVE-2023-28757

Google reveals 18 chip vulnerabilities threatening mobile, wearables, vehicles Trust: 3.75 Fetched: March 22, 2023, 9:17 a.m., Published: March 20, 2023, 9:47 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	pixel
vendor:	samsung	model:	notes
vendor:	samsung	model:	galaxy
vendor:	samsung	model:	mobile devices
vendor:	samsung	model:	mobile
vendor:	samsung	model:	exynos
vendor:	samsung	model:	samsung galaxy

db:

NVD

ids:

CVE-2023-24033

CVE - CVE-2023-20026 Related entries in the VARIoT vulnerabilities database: VAR-202301-0961 Trust: 4.75 Fetched: March 22, 2023, 9:16 a.m., Published: March 3, 2023, midnight	Vulnerabilities: improper validation

Affected products

External IDs

vendor:	cisco	model:	cisco small business
vendor:	cisco	model:	routers
vendor:	cisco	model:	small business
vendor:	cisco	model:	rv042
vendor:	cisco	model:	series
vendor:	cisco systems	model:	cisco small business
vendor:	cisco systems	model:	routers
vendor:	cisco systems	model:	small business
vendor:	cisco systems	model:	rv042
vendor:	cisco systems	model:	series

db:

NVD

ids:

CVE-2023-20026

Siemens RADIUS Client of SIPROTEC 5 Devices \| CISA Trust: 3.5 Fetched: March 22, 2023, 9:16 a.m., Published: March 5, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	siemens	model:	siprotec
vendor:	siemens	model:	siprotec 5
vendor:	siemens	model:	cp300

db:

NVD

ids:

CVE-2022-38767

Cisco Releases Security Advisory for Cisco IP Phones \| CISA Trust: 3.0 Fetched: March 22, 2023, 9:16 a.m., Published: March 22, 8800, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	ip phones
vendor:	cisco	model:	series

Delta Electronics InfraSuite Device Master \| CISA Trust: 5.25 Fetched: March 22, 2023, 9:15 a.m., Published: March 9, 2023, midnight	Vulnerabilities: command injection, access control vulnerability, path traversal...

Affected products

External IDs

vendor:	trend micro	model:	security
vendor:	trend	model:	security

db:

NVD

ids:

CVE-2023-1140, CVE-2023-1138, CVE-2023-1139, CVE-2023-1133, CVE-2023-1141, CVE-2023-1137, CVE-2023-1143, CVE-2023-1144, CVE-2023-1134, CVE-2023-1145, CVE-2023-1136, CVE-2023-1135, CVE-2023-1142

How to keep your phone safe from the scary Exynos modem vulnerability Trust: 5.5 Fetched: March 22, 2023, 9:15 a.m., Published: March 21, 2023, 6:57 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	google	model:	pixel
vendor:	google	model:	android
vendor:	samsung	model:	notes
vendor:	samsung	model:	galaxy
vendor:	samsung	model:	mobile
vendor:	samsung	model:	android phone
vendor:	samsung	model:	exynos
vendor:	samsung	model:	samsung galaxy
vendor:	vivo	model:	modem
vendor:	vivo	model:	modems

db:

NVD

ids:

CVE-2023-26498, CVE-2023-24033, CVE-2023-26496, CVE-2023-26497

MS-ISAC Advisory: A vulnerability has been discovered in Clam AntiVirus \| RegSource Trust: 3.75 Fetched: March 21, 2023, 9:20 a.m., Published: March 20, 2023, 5:04 a.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	apple	model:	macos
vendor:	clamav	model:	clamav
vendor:	clam	model:	clamav
vendor:	cisco	model:	advanced malware protection
vendor:	cisco	model:	web security appliance
vendor:	cisco	model:	guard
vendor:	cisco	model:	clamav

Several zero day vulnerabilities are plaguing Android devices with Samsung chips, warns Google \| PC Help Forum Trust: 4.75 Fetched: March 21, 2023, 9:19 a.m., Published: Feb. 26, 2000, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	samsung	model:	mobile devices
vendor:	samsung	model:	exynos
vendor:	samsung	model:	mobile
vendor:	vivo	model:	modems
vendor:	google	model:	pixel
vendor:	google	model:	android

db:

NVD

ids:

CVE-2023-24033

Vulnerabilities found in Samsung's Exynos modems can lead to loss of control over smartphone: On which devices are they used? \| NEWS.am TECH - Innovations and science Trust: 3.75 Fetched: March 21, 2023, 9:19 a.m., Published: March 18, 2023, 12:03 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	pixel
vendor:	samsung	model:	galaxy
vendor:	samsung	model:	exynos
vendor:	samsung	model:	samsung galaxy
vendor:	samsung	model:	mobile
vendor:	vivo	model:	modem
vendor:	vivo	model:	modems

db:

NVD

ids:

CVE-2023-24033

Critical RCE Vulnerability Discovered in ClamAV Open Source Antivirus Software - SPIXNET C2S Related entries in the VARIoT vulnerabilities database: VAR-202302-1614, VAR-202302-1598, VAR-202302-1452 Trust: 5.5 Fetched: March 21, 2023, 9:18 a.m., Published: Feb. 21, 2023, 11:40 a.m.	Vulnerabilities: buffer overflow, information leak, entity injection...

Affected products

External IDs

vendor:	clamav	model:	clamav
vendor:	cisco	model:	advanced malware protection
vendor:	cisco	model:	web security appliance
vendor:	cisco	model:	clamav
vendor:	cisco	model:	management appliance
vendor:	cisco	model:	nexus
vendor:	cisco	model:	email security appliance
vendor:	google	model:	nexus

db:

NVD

ids:

CVE-2023-20075, CVE-2023-20052, CVE-2023-20009, CVE-2023-20032, CVE-2023-20014

Google Uncovers 18 Zero-Day Vulnerabilities in Samsung’s Exynos Chipsets Trust: 5.75 Fetched: March 21, 2023, 9:18 a.m., Published: March 18, 2023, 11:47 a.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	samsung	model:	galaxy
vendor:	samsung	model:	note
vendor:	samsung	model:	mobile
vendor:	samsung	model:	samsung galaxy
vendor:	samsung	model:	exynos
vendor:	google	model:	wifi
vendor:	google	model:	pixel

db:

NVD

ids:

CVE-2023-26072, CVE-2023-26075, CVE-2023-24033, CVE-2023-26074, CVE-2023-26073

Google Warning! Samsung Galaxy, Pixel Phones Critical Vulnerabilities Allows Full Device Hack Using Just The Phone Number Trust: 3.75 Fetched: March 21, 2023, 9:18 a.m., Published: March 21, 2023, 6:40 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	pixel
vendor:	google	model:	android
vendor:	samsung	model:	galaxy
vendor:	samsung	model:	exynos
vendor:	samsung	model:	samsung galaxy
vendor:	samsung	model:	mobile

db:

NVD

ids:

CVE-2023-26076, CVE-2023-26072, CVE-2023-26075, CVE-2023-26074, CVE-2023-26073

VARIoT news about IoT security