Sign-up

VARIoT news about IoT security

Cisco issues warning for critical 0-day vulnerability exploited in the wild - Outpost24

Trust: 3.75

Fetched: Oct. 18, 2023, 9:18 a.m., Published: Oct. 17, 2023, 12:15 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: ios xe
vendor: cisco model: ios xe software
vendor: cisco model: cisco ios xe
vendor: cisco model: cisco ios
db: NVD ids: CVE-2023-20198

Cisco warns of actively exploited zero-day in IOS XE software

Trust: 3.75

Fetched: Oct. 18, 2023, 9:16 a.m., Published: Oct. 17, 2023, 10:36 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: snort model: snort
vendor: cisco model: ios xe
vendor: cisco model: ios xe software
vendor: cisco model: router
db: NVD ids: CVE-2023-20198

Cisco IOS XE Devices Have Been ‘Widely Exploited:’ Researcher | CRN

Trust: 4.0

Fetched: Oct. 18, 2023, 9:16 a.m., Published: Oct. 17, 2023, 10:15 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: ios xe
vendor: cisco model: wireless lan controller
vendor: cisco model: cisco ios xe
vendor: cisco model: router
vendor: cisco model: cisco ios
db: NVD ids: CVE-2023-20198

Cisco Discloses New Critical Zero Day Vulnerability in Web UI of IOS XE Software - Allows Attackers to Compromise Routers

Related entries in the VARIoT vulnerabilities database: VAR-202103-0773

Trust: 4.25

Fetched: Oct. 18, 2023, 9:16 a.m., Published: Oct. 17, 2023, 9:42 p.m.
 Vulnerabilities: arbitrary command execution, command execution
Affected productsExternal IDs
vendor: cisco model: routers
vendor: cisco model: ios xe
vendor: cisco model: ios xe software
vendor: cisco model: cisco ios xe
vendor: cisco model: router
vendor: cisco model: cisco ios
vendor: trend model: security
vendor: trend micro model: security
db: NVD ids: CVE-2023-20198, CVE-2021-1435

Cisco reports major security flaw, users urged to patch immediately | TechRadar

Trust: 4.0

Fetched: Oct. 18, 2023, 9:16 a.m., Published: Oct. 17, 2023, 9 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: routers
vendor: cisco model: cisco ios xe
vendor: cisco model: ios xe
vendor: cisco model: cisco ios
vendor: cisco model: ios xe software
db: NVD ids: CVE-2023-20198

Critical Flaw Leads Hackers to Hijack Thousands of Cisco Devices

Trust: 3.75

Fetched: Oct. 18, 2023, 9:15 a.m., Published: Oct. 17, 2023, 9:51 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: ios xe
vendor: cisco model: ios xe software
vendor: cisco model: cisco ios xe
vendor: cisco model: router
vendor: cisco model: wireless controller
vendor: cisco model: cisco ios
db: NVD ids: CVE-2023-20198

Critical Cisco IOS XE vulnerability gives attackers control of devices | CSO Online

Trust: 4.0

Fetched: Oct. 18, 2023, 9:15 a.m., Published: Oct. 17, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: routers
vendor: cisco model: ios xe
vendor: cisco model: ios xe software
vendor: cisco model: cisco ios xe
vendor: cisco model: cisco ios
db: NVD ids: CVE-2023-20198

Cisco Devices Hacked via IOS XE Zero-Day Vulnerability - SecurityWeek

Related entries in the VARIoT vulnerabilities database: VAR-202103-0773

Trust: 5.5

Fetched: Oct. 18, 2023, 9:15 a.m., Published: Oct. 17, 2023, midnight
 Vulnerabilities: command injection, privilege escalation
Affected productsExternal IDs
vendor: cisco model: ios xe
vendor: cisco model: ios software
vendor: cisco model: ios xe software
db: NVD ids: CVE-2023-20198, CVE-2021-1435

CVE-2023-20198: Zero-Day Vulnerability in Cisco IOS XE Exploited in the Wild - Blog | Tenable®

Related entries in the VARIoT vulnerabilities database: VAR-202103-0773

Trust: 4.25

Fetched: Oct. 18, 2023, 9:11 a.m., Published: Oct. 16, 2023, 5:14 p.m.
 Vulnerabilities: command injection, privilege escalation
Affected productsExternal IDs
vendor: cisco model: ios xe
vendor: cisco model: ios xe software
vendor: cisco model: cisco ios xe
vendor: cisco model: router
vendor: cisco model: cisco ios
db: NVD ids: CVE-2023-20109, CVE-2023-20198, CVE-2021-1435

Critical Vulnerability in MikroTik RouterOS Tens of Thousands of Devices in Indonesia are Vulnerable - Cyber Defense Insight

Trust: 4.5

Fetched: Oct. 18, 2023, 9:11 a.m., Published: Oct. 9, 2023, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: mikrotik model: winbox
vendor: mikrotik model: routers
vendor: mikrotik model: mikrotik routers
vendor: mikrotik model: router
vendor: mikrotik model: routeros
db: NVD ids: CVE-2023-30799

Snack Up, Patch Up: Zyxel NAS Alert!

Trust: 4.0

Fetched: Oct. 18, 2023, 9:11 a.m., Published: June 26, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: zyxel model: nas326
vendor: zyxel model: nas542
vendor: zyxel model: nas540
db: NVD ids: CVE-2023-27992

Critical Vulnerability in MikroTik Routers Exposes Up to 900K Devices to Potential Takeover - VULNERA

Trust: 4.5

Fetched: Oct. 18, 2023, 9:10 a.m., Published: July 25, 2023, 4:59 p.m.
 Vulnerabilities: default password, privilege escalation
Affected productsExternal IDs
vendor: mikrotik model: winbox
vendor: mikrotik model: routers
vendor: mikrotik model: mikrotik routers
vendor: mikrotik model: router
vendor: mikrotik model: routeros
db: NVD ids: CVE-2023-30788

Upgrading Kaspersky Endpoint Security Cloud

Trust: 3.0

Fetched: Oct. 18, 2023, 9:10 a.m., Published: April 18, 2019, midnight
 Vulnerabilities: -
Affected productsExternal IDs

Phosphorus Releases Mitigation Solutions for Critical Cisco IOS XE Zero-Day Vulnerability - Phosphorus

Trust: 4.25

Fetched: Oct. 18, 2023, 9:08 a.m., Published: Oct. 17, 2023, 8:01 p.m.
 Vulnerabilities: privilege escalation, default credentials
Affected productsExternal IDs
vendor: cisco model: access points
vendor: cisco model: routers
vendor: cisco model: ios xe
vendor: cisco model: ios xe software
vendor: cisco model: cisco ios xe
vendor: cisco model: cisco ios
db: NVD ids: CVE-2023-20198

Cisco warns against a critical vulnerability in IOS XE-based network devices | TechSpot

Related entries in the VARIoT vulnerabilities database: VAR-202103-0773

Trust: 4.75

Fetched: Oct. 18, 2023, 9:07 a.m., Published: Oct. 18, 4070, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: cisco ios xe
vendor: cisco model: ios xe
vendor: cisco model: cisco ios
db: NVD ids: CVE-2023-20198, CVE-2021-1435

Android Hacking: libwebp Vulnerability

Trust: 4.5

Fetched: Oct. 17, 2023, 9:38 a.m., Published: Oct. 13, 2023, 8:11 a.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: android
vendor: google model: google chrome
vendor: google model: pixel
db: NVD ids: CVE-2023-41064

Indian Government Warns Apple iPhone and iPad Users of 'High' Risk | Technology & Science News, Times Now

Trust: 3.0

Fetched: Oct. 17, 2023, 9:36 a.m., Published: Oct. 17, 2040, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: ipad
vendor: apple model: iphone

Finding Cisco IOS-XE devices with runZero

Trust: 3.75

Fetched: Oct. 17, 2023, 9:33 a.m., Published: Oct. 16, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: openresty model: openresty
vendor: cisco model: cisco routers
vendor: cisco model: cisco ios
vendor: cisco model: routers
db: NVD ids: CVE-2023-20198

Cisco's Ticking Time Bomb: CVE-2023-20198 with CVSS Score 10 Hits Cisco Devices

Trust: 3.75

Fetched: Oct. 17, 2023, 9:31 a.m., Published: Oct. 16, 2023, 10:55 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: cisco ios xe
vendor: cisco model: cisco ios
vendor: cisco model: ios xe
vendor: cisco model: ios xe software
db: NVD ids: CVE-2023-20198

Buffer Overflow Attacks Explained (with Examples)

Trust: 3.5

Fetched: Oct. 17, 2023, 9:30 a.m., Published: Aug. 24, 2020, 1:38 p.m.
 Vulnerabilities: buffer overrun, buffer overflow, code execution...
Affected productsExternal IDs