VARIoT latest news about IoT security

HTTP/2 Rapid Reset Vulnerability, CVE-2023-44487 \| CISA Related entries in the VARIoT vulnerabilities database: VAR-202310-0175 Trust: 3.25 Fetched: Oct. 13, 2023, 9:21 a.m., Published: Oct. 2, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2023-44487

ICS Patch Tuesday: Siemens Ruggedcom Devices Affected by Nozomi Component Flaws - SecurityWeek Related entries in the VARIoT vulnerabilities database: VAR-202310-0161 Trust: 4.5 Fetched: Oct. 13, 2023, 9:21 a.m., Published: Oct. 11, 2023, 8:20 a.m.	Vulnerabilities: information disclosure, code execution, privilege escalation...

Affected products

External IDs

vendor:	nozomi	model:	guardian
vendor:	siemens	model:	cp devices
vendor:	siemens	model:	simatic cp
vendor:	siemens	model:	ruggedcom
vendor:	siemens	model:	w1750d
vendor:	siemens	model:	sicam pas
vendor:	siemens	model:	sicam pas/pqs
vendor:	siemens	model:	scalance
vendor:	siemens	model:	scalance w1750d
vendor:	siemens	model:	simatic
vendor:	siemens	model:	sinema server
vendor:	siemens	model:	sicam
vendor:	siemens	model:	sicam a8000
vendor:	siemens	model:	sinec nms

db:

NVD

ids:

CVE-2023-43625, CVE-2023-36380

How Axonius Helps Identify the New Curl Vulnerabilities CVE-2023-38545 and CVE-2023-38546 Trust: 5.0 Fetched: Oct. 13, 2023, 9:20 a.m., Published: Oct. 12, 2023, midnight	Vulnerabilities: buffer overflow

Affected products

External IDs

db:

NVD

ids:

CVE-2023-38546, CVE-2023-40477, CVE-2023-38831, CVE-2023-38545

Siemens CPCI85 Firmware of SICAM A8000 Devices \| CISA Related entries in the VARIoT vulnerabilities database: VAR-202310-0161 Trust: 3.5 Fetched: Oct. 13, 2023, 9:19 a.m., Published: Jan. 10, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	siemens	model:	sicam
vendor:	siemens	model:	sicam a8000

db:

NVD

ids:

CVE-2023-36380

IZ1H9 Campaign Enhances Its Arsenal with Scores of Exploits \| FortiGuard Labs Related entries in the VARIoT vulnerabilities database: VAR-202102-0290, VAR-201709-0173, VAR-202303-1268, VAR-202202-1281, VAR-202109-0597, VAR-202210-1176, VAR-202002-0403, VAR-202209-2068 Trust: 6.5 Fetched: Oct. 13, 2023, 9:13 a.m., Published: Oct. 9, 2023, 2 p.m.	Vulnerabilities: command injection, arbitrary command execution, code execution...

Affected products

External IDs

vendor:	tp-link	model:	routers
vendor:	d-link	model:	router
vendor:	netis	model:	wf2419
vendor:	prolink	model:	prc2402m

db:

NVD

ids:

CVE-2020-25506, CVE-2015-1187, CVE-2021-36380, CVE-2023-1389, CVE-2023-23295, CVE-2021-27561, CVE-2021-45382, CVE-2021-33544, CVE-2016-20017, CVE-2019-19356, CVE-2022-40475

How to Shield Your Devices from Vulnerabilities Trust: 3.75 Fetched: Oct. 13, 2023, 9:13 a.m., Published: Oct. 11, 2023, 6:20 p.m.	Vulnerabilities: brute force attack

Affected products	External IDs

What is Network Vulnerability Scanning? \| Definition from TechTarget Trust: 3.5 Fetched: Oct. 13, 2023, 9:12 a.m., Published: Oct. 13, 2023, midnight	Vulnerabilities: sql injection, cross-site scripting

Affected products	External IDs

Security Research Device - Apple Security Research Trust: 3.25 Fetched: Oct. 13, 2023, 9:11 a.m., Published: Oct. 31, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

iphone

Govt issues critical warning for Android 13 and older devices: risk, affected devices, how to protect your phone - India Today Trust: 4.0 Fetched: Oct. 11, 2023, 9:50 a.m., Published: Oct. 11, 2023, 6:09 a.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

google

model:

android

Apple Rolls Out iOS/iPadOS 16.7.1 to Address Zero-Day Vulnerability - VULNERA Trust: 3.0 Fetched: Oct. 11, 2023, 9:43 a.m., Published: Oct. 11, 2023, 4:03 a.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2023-5217, CVE-2023-42824

System BIOS dla komputera Dell Latitude 3330 \| Szczegóły sterownika \| Dell Polska Trust: 3.0 Fetched: Oct. 11, 2023, 9:41 a.m., Published: Oct. 11, 3330, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	dell	model:	latitude
vendor:	dell	model:	bios

Plus applications user manual: NDI Optotrak Certus optical pose tracker Trust: 3.0 Fetched: Oct. 11, 2023, 9:34 a.m., Published: Feb. 9, 2000, midnight	Vulnerabilities: application crash

Affected products	External IDs

What's new Trust: 3.75 Fetched: Oct. 11, 2023, 9:32 a.m., Published: April 11, 2019, midnight	Vulnerabilities: weak password

Affected products

External IDs

vendor:

apple

model:

macos

ThreatKey - 6 Stages of the Vulnerability Management Lifecycle Trust: 3.5 Fetched: Oct. 11, 2023, 9:31 a.m., Published: Oct. 6, 2023, midnight	Vulnerabilities: request forgery, denial of service, cross-site request forgery...

Affected products	External IDs

CERT-In urged Android users to update devices promptly: Know more \| Technology News - India TV Trust: 5.0 Fetched: Oct. 11, 2023, 9:31 a.m., Published: Oct. 11, 2023, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

google

model:

android

db:

NVD

ids:

CVE-2023-4863, CVE-2023-4211

17 Best Penetration Testing Tools 2023 (by Popularity) Trust: 4.25 Fetched: Oct. 11, 2023, 9:28 a.m., Published: Jan. 6, 2022, midnight	Vulnerabilities: privilege escalation, sql injection

Affected products

External IDs

vendor:	raspberry pi	model:	3
vendor:	proftpd	model:	proftpd
vendor:	google	model:	wifi

List vulnerabilities by recommendation \| Microsoft Learn Trust: 4.0 Fetched: Oct. 11, 2023, 9:26 a.m., Published: Dec. 18, 2020, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	google chrome
vendor:	google	model:	chrome

db:

NVD

ids:

CVE-2019-13748

Device Support - passkeys.dev Trust: 3.0 Fetched: Oct. 11, 2023, 9:24 a.m., Published: Oct. 4, 2023, 4:09 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	macos
vendor:	apple	model:	ipad
vendor:	apple	model:	iphone
vendor:	apple	model:	icloud

Critical Vulnerability Detected in Citrix NetScaler Devices Could Expose Sensitive Information - VULNERA Trust: 5.75 Fetched: Oct. 11, 2023, 9:23 a.m., Published: Oct. 10, 2023, 3:53 p.m.	Vulnerabilities: denial of service, code execution

Affected products

External IDs

vendor:	citrix	model:	netscaler adc
vendor:	citrix	model:	netscaler
vendor:	citrix	model:	netscaler gateway
vendor:	citrix	model:	gateway

db:

NVD

ids:

CVE-2023-4966, CVE-2023-4967, CVE-2023-3519

Mirai Variant IZ1H9 Adds 13 Exploits to Arsenal - SecurityWeek Related entries in the VARIoT vulnerabilities database: VAR-202210-1176, VAR-202102-0290, VAR-201709-0173, VAR-202002-0403, VAR-202202-1281, VAR-202303-1268 Trust: 5.5 Fetched: Oct. 11, 2023, 9:22 a.m., Published: Oct. 10, 2023, midnight	Vulnerabilities: command injection, arbitrary command execution, os command injection...

Affected products

External IDs

vendor:	netis	model:	wf2419
vendor:	prolink	model:	prc2402m
vendor:	tp-link	model:	routers
vendor:	d-link	model:	router

db:

NVD

ids:

CVE-2016-20017, CVE-2020-25506, CVE-2015-1187, CVE-2019-19356, CVE-2021-36380, CVE-2021-45382, CVE-2023-1389, CVE-2021-35401, CVE-2023-23295

VARIoT news about IoT security